[webkit-dev] Using HTTP Auth with XHR

David Harrison harrison at apple.com
Mon Mar 20 11:58:35 PST 2006 

Registered developers can see Radar bugs in BugReporter, though one's  
ability to access any particular bug report may be limited.

Dave

On Mar 20, 2006, at 2:28 AM, Eric Seidel wrote:

> Viewing rdar urls requires having Radar, an internal apple tool.
>
> Perhaps, I should not have included the URL.  I did so for the  
> benefit for those few on this list with Radar access.
>
> My apologies for any confusion.
>
> -eric
>
>
> On Mar 20, 2006, at 2:18 AM, Adam Ratcliffe wrote:
>
>> Hi Eric
>>
>> Thanks for confirming this.
>>
>> BTW what client do I use to view rdar: URLs?  I tried Safari but  
>> it doesn't recognize the protocol.
>>
>> Cheers
>> Adam
>>
>> On 20 Mar, 2006, at 8:06 PM, Eric Seidel wrote:
>>
>>> I believe this is a known issue:
>>>
>>> <rdar://problem/4335156> XMLHttpRequest ignores username/password  
>>> passed to open()
>>>
>>> I need to go ahead and move that radar into bugzilla (or you  
>>> should feel free to file one!), which will make it easier (for  
>>> someone other than me) to fix.
>>>
>>> I don't know of any work-arounds.
>>>
>>> -eric
>>>
>>> p.s. Instructions on filing WebKit bugs are available from our  
>>> website: http://www.webkit.org/
>>>
>>>
>>> On Mar 19, 2006, at 9:41 PM, Adam Ratcliffe wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm developing a DHTML application that interacts with a REST  
>>>> API that uses either HTTP Basic or Digest authentication.  I'd  
>>>> like to provide a login form that 	uses XHR to authenticate the  
>>>> user before the actual request for a protected resource is sent.
>>>>
>>>> The problem is that XHR does not handle the server's  
>>>> authentication challenge, delegating the work to the browser  
>>>> which shows the HTTP auth dialog.  I've tired various approaches  
>>>> such as including the username and password in the URL e.g.  
>>>> http://<username>:<password>@host/path but none of these seem to  
>>>> work.
>>>>
>>>> The form's onsubmit handler is shown below, a complete test case  
>>>> with a PHP server-side implementation attached.  I've tried the  
>>>> test case both on Safari 417.8 and the webkit nightly build.   
>>>> The test case works fine on Firefox.
>>>>
>>>> Is this a limitation of webkit's XHR implementation or is there  
>>>> another way to do HTTP auth with it that I'm missing?
>>>>
>>>> Cheers
>>>> Adam
>>>>
>>>> function login() {
>>>>     var url = loginForm.action;
>>>>     var username = document.getElementById("username").value;
>>>>     var password = document.getElementById("password").value;
>>>>
>>>>     var http = new XMLHttpRequest();
>>>>     http.open("get", url, false, username, password);
>>>>     http.send("");
>>>> }
>>>> _______________________________________________
>>>> webkit-dev mailing list
>>>> webkit-dev at opendarwin.org
>>>> http://www.opendarwin.org/mailman/listinfo/webkit-dev
>>>
>>>
>>>
>>
>> _______________________________________________
>> webkit-dev mailing list
>> webkit-dev at opendarwin.org
>> http://www.opendarwin.org/mailman/listinfo/webkit-dev
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at opendarwin.org
> http://www.opendarwin.org/mailman/listinfo/webkit-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/webkit-dev/attachments/20060320/115e1349/attachment.html

More information about the webkit-dev mailing list