[Bug 19969] New: clarify some user name/password and setRequestHeader() Authorize header issues

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 19969] New: clarify some user name/password and setRequestHeader() Authorize header issues

Bugzilla from bugzilla@jessica.w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=19969

          Priority: P2
            Bug ID: 19969
                CC: [hidden email], [hidden email]
          Assignee: [hidden email]
           Summary: clarify some user name/password and setRequestHeader()
                    Authorize header issues
        QA Contact: [hidden email]
          Severity: normal
    Classification: Unclassified
                OS: Linux
          Reporter: [hidden email]
          Hardware: PC
            Status: NEW
           Version: unspecified
         Component: XHR
           Product: WebAppsWG

IMO we should clarify the following:

1) Add a note (maybe just informative?) saying user name / password from open()
method will only be sent to a site if it first uses a 401 response to indicate
that authentication is required.

2) Figure out what should happen if a script calls open() with user
name/password arguments, then sets an Authorize header with setRequestHeader().
Which wins? Will it depend on whether the site says 401 or not?

(IMO: setRequestHeader() should win if this is compatible with implementations,
simplifies things. Whether or not there is a 401 response should make no
difference. Hope that's sufficiently aligned with implementations..)

3) I assume that if setRequestHeader() adds an Authorize header, it's sent to
the server whether or not a 401 request has been returned. Perhaps this should
also be noted.

--
You are receiving this mail because:
You are on the CC list for the bug.

Reply | Threaded
Open this post in threaded view
|

[Bug 19969] clarify some user name/password and setRequestHeader() Authorize header issues

Bugzilla from bugzilla@jessica.w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=19969

Anne <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from Anne <[hidden email]> ---


*** This bug has been marked as a duplicate of bug 15418 ***

--
You are receiving this mail because:
You are on the CC list for the bug.