[whatwg] ContextAgnosticXmlHttpRequest: an informal RFC

> Is there anything in the SOAP protocol that warrants persistence of
> any types of credentials such as what the HTTP protocol provides with
> Basic-Auth and Cookies ?

Yes, basic-auth and cookies are an security issue, and probably should
not be sent.  SOAP has its own mechanisms for such things.

Received on Tuesday, 22 March 2005 09:11:58 UTC