Hi, thanks for taking care.
As xMLHttpRequest.open("GET", link, async, loginName, password); explicitely supports it, I had assumed it is the standard Ajax way to transfer the credentials. But as it is send in clear text in the URL (and deprecated according to you links) I now prefer to send it inside a <form> as a hidden field and like this it is properly protected when send as https. regards Marcel Thierry Boileau schrieb: > Hello Macel, > > from what I see in the code, these data are not taken into account by > HTTP. After having a look at the HTTP and URI specifications, it appears > that HTTP relies on the definition of the "host" term ([1] and [2]) as > specified in the URI spec ([3]) which does not take into account the > userinfo part (4)... That can look quite odd. > Anyway, passing user name and password in the "userinfo" subcomponent is > clearly not recommended in the URI spec. Could you tell us more about > your needs? > > > best regards, > Thierry Boileau > > [1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1 > [2] http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.2 > [3] http://tools.ietf.org/html/rfc3986#section-3.2.2 > [4] http://tools.ietf.org/html/rfc3986#section-3.2.1 > >> Hi, >> >> I want to transfer user and password credentials: >> >> var loginName = "jack"; >> var password = "1122"; >> var xhr = new XMLHttpRequest(); >> xhr.open("GET", link, async, loginName, password); >> >> In firebug I can see the URL send: >> >> "jack:1...@localhost" >> >> but I have found no way to access it in my restlet servlet (I have tried >> POST and GET). >> >> How does this work? >> >> Thanks >> Marcel >> >> ------------------------------------------------------ >> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2423045 >> >> >> > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2423245 > > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2423406