[webkit-dev] Using HTTP Auth with XHR
Eric Seidel
macdome at opendarwin.org
Mon Mar 20 00:06:05 PST 2006
I believe this is a known issue:
<rdar://problem/4335156> XMLHttpRequest ignores username/password
passed to open()
I need to go ahead and move that radar into bugzilla (or you should
feel free to file one!), which will make it easier (for someone other
than me) to fix.
I don't know of any work-arounds.
-eric
p.s. Instructions on filing WebKit bugs are available from our
website: http://www.webkit.org/
On Mar 19, 2006, at 9:41 PM, Adam Ratcliffe wrote:
> Hi,
>
> I'm developing a DHTML application that interacts with a REST API
> that uses either HTTP Basic or Digest authentication. I'd like to
> provide a login form that uses XHR to authenticate the user before
> the actual request for a protected resource is sent.
>
> The problem is that XHR does not handle the server's authentication
> challenge, delegating the work to the browser which shows the HTTP
> auth dialog. I've tired various approaches such as including the
> username and password in the URL e.g. http://
> <username>:<password>@host/path but none of these seem to work.
>
> The form's onsubmit handler is shown below, a complete test case
> with a PHP server-side implementation attached. I've tried the
> test case both on Safari 417.8 and the webkit nightly build. The
> test case works fine on Firefox.
>
> Is this a limitation of webkit's XHR implementation or is there
> another way to do HTTP auth with it that I'm missing?
>
> Cheers
> Adam
>
> function login() {
> var url = loginForm.action;
> var username = document.getElementById("username").value;
> var password = document.getElementById("password").value;
>
> var http = new XMLHttpRequest();
> http.open("get", url, false, username, password);
> http.send("");
> }
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at opendarwin.org
> http://www.opendarwin.org/mailman/listinfo/webkit-dev
More information about the webkit-dev
mailing list