- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Wed, 2 Nov 2005 20:47:59 +0100
- To: 'webdav' WG <w3c-dist-auth@w3.org>
> Am 31.10.2005 um 17:52 schrieb Jim Luther: > >> >> On Oct 29, 2005, at 1:22 AM, Julian Reschke wrote: >> >>>> More generally, it's not actually a WebDAV problem alone. If a >>>> client does a GET to a dynamically generated page, they could >>>> easily see different results based on whether they're authenticated >>>> or not. Since browsers today often cache authentication >>>> information, this means that the browser could inform the server >>>> that they'd like the challenge to save the user the step of first >>>> going to the site, seeing the anonymous page version, then choosing >>>> to login. Of course some sites use cookies for this but cookies are >>>> sometimes disabled, expired, etc. >>> >>> In which case I would recommend to >>> >>> - update Jim's description of the problem accordingly and >>> >>> - do this in a separate draft, optimally discussed on the HTTP WG's >>> mailing list. >> >> I agree with those who have said this is not a WebDAV specific issue. >> It should be discussed as a separate HTTP issue. +1. Stefan
Received on Wednesday, 2 November 2005 19:48:18 UTC