W3C home > Mailing lists > Public > www-validator@w3.org > August 2008

Re: Problem with validating password-protected pages

From: olivier Thereaux <ot@w3.org>
Date: Mon, 4 Aug 2008 14:36:19 -0400
Cc: www-validator@w3.org
Message-Id: <968017F6-61CF-4082-A96D-04F6AF1CB548@w3.org>
To: H.Hahn <h.hahn@hahn-informatica.nl>


On 3-Aug-08, at 11:07 AM, H. Hahn wrote:
> While developing a website, I wanted to validate a certain page that  
> is password-protected.

Did you use HTTP level password protection (the validator can proxy  
that kind of authentication) or form-and-session-cookie? The latter,  
obviously, the validator can not handle, and the best way to check  
such pages is to use direct input or file upload.

> As I was logged in at a sufficiently high level, having access to  
> all pages, I tacitly expected the validator to have the same rights  
> as its invoker (i.e., me) had.

Fortunately, no.

> Only after I re-validated with displaying the complete source code,  
> I found that it had not validated the requested page, but the "Page  
> not found" page. Basically, this was correct, as the validator  
> apparently was refused access to the page.

Not sure why the lack of authentication would return a "page not  
found" page. That does not sound right.

> However, both the validator's address field and the validation  
> result text mentioned the correct URL of the original page, without  
> any mention of the "Page not found" page.

That's a problem with your system. The validator correctly displays  
redirected URLs.
e.g see:
and look at the Address: Field.

Thank you.
Received on Monday, 4 August 2008 18:36:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:59:09 UTC