On Sep 23, 2:59 pm, Bernd Kreuss <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> > In the same way GOOGLE uses a COOKIE to be persistent for a certain
> > web page and applies redirection logic or not based on whether the
> > browser passed a authorized cookie: header, GOOGLE should do the
> > same thing with Chrome with standard HTTP authorization headers.
>
> If you are using http-auth as a cookie replacement you could just
> replace the code which sends 401 with code sending a session cookie
> instead and replace the code that checks for the authorization header
> and loads the session data with code that checks for the cookie header
> instead. ~10 lines of code. This would solve your problem immediately.
Again, another incorrect Web-Design Presumption.
I'll explain.
First, you are mandating certain web layouts and designs that is
should not be something the is mandated by browser clients. They have
to work with the server, not the other way around.
Second, in our framework, unlike many others, that use to be an off-
the-shelf commodity, the product offer the operators the choice of
what they want to use which include
- standard HTTP Basic/Digest methods
- non-standard Cookie based methods
- a proprietary method for our Frontend wcNavigator
See http://www.winserver.com/public/aup/webauthsummary.htm
Thirds,
Again, whether its a web page, folder or alias or what have you can
have a different state at any time. Generally, it all depends on the
where the request is authenticated or not. You can't presume a
certain design to be on the server side that is uncalled for when the
only issue is the incorrect usage of redirection in a new browser -
CHROME, not IE, not FIREFOX. not Opera, Not K-Meleon, not any other
BROWSER - but Chrome! (I'm lumping Safari and Chrome as the same base
code issue).
This issue is not exclusive to just us. This is well known, and only
the NEWBIES are discovering today as a problem they are encountering.
Chrome people are just catching up.
Google itself doesn't notice it because it is predominately based on
using COOKIE based methods. If Google used HTTP-AUTH, it would have
the same problems as well.
So when you have open source coders focused with methods they are
presuming is the way of the world (which is it not), not only it the
wrong way to design products, they are going to cause problems in the
real world.
Again, why do you keep ignoring that fact the it is only CHROME with
this problem? Does that not tell you anything?
---
Hector Santos/CTO
Santronics Software, Inc
http://www.santronics.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Chromium-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/chromium-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
