- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 26 Nov 2008 12:07:54 +0100
Ian Hickson wrote: > On Wed, 26 Nov 2008, Julian Reschke wrote: >> If the form is more complex than two fields (identity/secret), then I >> don't see how authentication is going to work except by displaying the >> form -- just extracting the field names certainly wouldn't be >> sufficient, even if they would be reasonable self-describing. >> >> So, in the current form, this proposal only helps in marking the >> server's response as *being* a login form, but not really in making it >> more usable for a non-HTML client... > > Do you have a concrete example where the login form is complex in a manner > where the fields can't be identified and there is reason to believe that a > bot will want to authenticate but won't have been given enough information > to do so? Well, it was you stating that the form could be arbitrarily complex. If it's just two text fields, one of which of type password, then no, it wouldn't be hard. BR, Julian
Received on Wednesday, 26 November 2008 03:07:54 UTC