- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 26 Nov 2008 11:54:28 +0100
Ian Hickson wrote: >> A simple way to achieve it would be to restrict it to username/password >> pairs, and to have the names of these form parameters live in the >> response headers as well. > > We would have to, at a minimum, include the name of the username field, > the name of the password field, and the URL of the form to POST to. I am > very wary of duplicating information that is already available as it tends > to become out of date and thus ends up being even more of a pain than if > the information isn't there in the first place. I would expect that information to be autogenerated. Anyway, if it's out of sync, authentication is not going to work, so it should be noticed quickly. > ... BR, Julian
Received on Wednesday, 26 November 2008 02:54:28 UTC