[webkit-dev] Using HTTP Auth with XHR
Adam Ratcliffe
adam at prema.co.nz
Sun Mar 19 21:41:22 PST 2006
Hi,
I'm developing a DHTML application that interacts with a REST API
that uses either HTTP Basic or Digest authentication. I'd like to
provide a login form that uses XHR to authenticate the user before
the actual request for a protected resource is sent.
The problem is that XHR does not handle the server's authentication
challenge, delegating the work to the browser which shows the HTTP
auth dialog. I've tired various approaches such as including the
username and password in the URL e.g. http://
<username>:<password>@host/path but none of these seem to work.
The form's onsubmit handler is shown below, a complete test case with
a PHP server-side implementation attached. I've tried the test case
both on Safari 417.8 and the webkit nightly build. The test case
works fine on Firefox.
Is this a limitation of webkit's XHR implementation or is there
another way to do HTTP auth with it that I'm missing?
Cheers
Adam
function login() {
var url = loginForm.action;
var username = document.getElementById("username").value;
var password = document.getElementById("password").value;
var http = new XMLHttpRequest();
http.open("get", url, false, username, password);
http.send("");
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.macosforge.org/pipermail/webkit-dev/attachments/20060320/5e09ecca/PGP.bin
More information about the webkit-dev
mailing list