- From: Jim Luther <luther.j@apple.com>
- Date: Mon, 31 Oct 2005 08:52:56 -0800
- To: webdav <w3c-dist-auth@w3.org>
On Oct 29, 2005, at 1:22 AM, Julian Reschke wrote: >> More generally, it's not actually a WebDAV problem alone. If a >> client does a GET to a dynamically generated page, they could >> easily see different results based on whether they're >> authenticated or not. Since browsers today often cache >> authentication information, this means that the browser could >> inform the server that they'd like the challenge to save the user >> the step of first going to the site, seeing the anonymous page >> version, then choosing to login. Of course some sites use cookies >> for this but cookies are sometimes disabled, expired, etc. > > In which case I would recommend to > > - update Jim's description of the problem accordingly and > > - do this in a separate draft, optimally discussed on the HTTP WG's > mailing list. I agree with those who have said this is not a WebDAV specific issue. It should be discussed as a separate HTTP issue. - Jim
Received on Monday, 31 October 2005 16:52:48 UTC