- From: Dave Kok <updates@davekok.net>
- Date: Thu, 03 Mar 2011 10:44:03 +0100
Op 02-03-11 22:11:48 schreef Roger H?gensen:
>Method #3:
>The server (or serverside script, like PHP or similar) sends the
>following to the browser:
> header('HTTP/1.0 401 Unauthorized');
> header('WWW-Authenticate: Close realm="My Realm"');
> *PS! the auth stuff is much longer here obviously, this was just
> to show the use of "Close"*
>
>Note:
>If Method 1 or 2 is used the browser should probably send the
>following
>
>to the server:
> GET /private/index.html HTTP/1.1
> Authorization: Close username="something"
> *PS! the auth stuff is much longer here obviously, this was just
> to show the use of "Close"*
>
May I point out that the HTTP is outside the scope of the HTML5 spec.
Also the HTTP is stateless. This requires both parties keep state which
breaks the statelessness property of the HTTP. I, for one, prefer to
preserve the statelessness property of HTTP.
Received on Thursday, 3 March 2011 01:44:03 UTC