Hi Andrew, It sounds as though you've _assumed_ that Prototype changes the user- agent string based on the authentication mechanism not working, rather than actually checking to be sure that it does. It's generally best to test assumptions before they waste your time.
As far as I can tell, Prototype doesn't change the user agent string. There's nothing in the code doing it, and I didn't see any difference in the user agent string in a quick JSP I threw together. You should be able to easily check that at your end with a PHP equivalent. If you read through the Prototype Ajax documentation, there are some _other_ headers that Prototype adds by default. Perhaps the authentication mechanism is sensitive to other headers having differences.  http://prototypejs.org/api/ajax/options HTH, -- T.J. Crowder tj / crowder software / com Independent Software Engineer, consulting services available On Feb 7, 9:12 pm, Andrew <aara...@gmail.com> wrote: > Hi Everyone, > > I'm starting to switch my AJAX requests over to Prototype from ones > that were custom written using XMLHttpRequest. I just finished doing > the first one, and thought it was going fine until I noticed it was > breaking my PHP session-controlled log in system. My log in system > uses user agent authentication on each page the user requests, so that > the session can't be hijacked easily (if it detects a change in user > agents, it automatically logs out). It seems that Prorotype's AJAX > request may be changing the user agent string, because after the > request is made, and I navigate to another page, I am logged out of my > session. I turned off the user agent authentication and the problem > went away. Is there a way to keep Prototype from changing the user > agent string? > > Thanks in advance for any help. > > Andrew --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Prototype & script.aculo.us" group. To post to this group, send email to firstname.lastname@example.org To unsubscribe from this group, send email to prototype-scriptaculous+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/prototype-scriptaculous?hl=en -~----------~----~----~----~------~----~------~--~---