W3C home > Mailing lists > Public > whatwg@whatwg.org > November 2008

[whatwg] Solving the login/logout problem in HTML

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 27 Nov 2008 17:56:21 +0100
Message-ID: <492ED135.10107@gmx.de>
Thomas Broyer wrote:
> I don't really mind, as long as the server is able to say "I give you
> this thing to you anonymous user, but you can also authenticate (e.g.
> to be proposed more features)". This is the exact use-case many web
> site (including most if not all e-commerce web sites) are facing, and
> it'd be cool that it could be dealt with at the HTTP level.

Yes, I agree that this is a valid use case. I think "Vary: 
Authentication" is sufficient for a client to detect that authenticating 
will indeed have an effect.

What else do we need?

> ...
>> The interesting question is whether we can retroactively specify it for 200
>> responses without breaking existing servers.
> 
> ...and clients (and intermediaries, but you might have included them
> in "servers")

I was thinking "sites" (when I said "servers"), which would include all 
parties involved.

Indeed.

BR, Julian
Received on Thursday, 27 November 2008 08:56:21 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:07 UTC