On Tue, 26 Sep 2006 20:43:11 +0200, Alexey Proskuryakov <[EMAIL PROTECTED]> wrote:
Is this a new feature that's not present in browsers yet? From my tests, it looks like WinIE doesn't support userinfo at all, while Firefox takes string values of whatever objects are passed as user/password, e.g. "req.open('GET', url, true, null, null)" sets the credentials to "null"/"null", so the null clause doesn't apply.
Interesting. I suppose that could be a bug... Anyway, I suggest you use http://dev.w3.org/cvsweb/~checkout~/2006/webapi/XMLHttpRequest/Overview.html?content-type=text/html;%20charset=utf-8 for reading as that's a more current version.
Second, should the password from userinfo be used if only the user parameter is provided: "req.open('GET', url, true, 'user')"? Firefox resets the password to an empty string in this situation.
I would say it shouldn't be provided in this case (same as null), but I guess that needs more clarification.
Finally, I'm not sure whether userinfo support is required for conformance. As quoted above, it's a MUST, but then, it is added that browsers MAY not support it: "The usage of userinfo is discouraged MAY not work in implementations."
This should be more clear in the latest revision. For HTTP you probably shouldn't support it (and throw a SYNTAX_ERR) but for some protocols it makes some sense. For FTP you often have the username:[EMAIL PROTECTED] logins... However, the current draft only "covers" HTTP.
-- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
