Hi,I'm developing a DHTML application that interacts with a REST API that uses either HTTP Basic or Digest authentication. I'd like to provide a login form that uses XHR to authenticate the user before the actual request for a protected resource is sent.
The problem is that XHR does not handle the server's authentication challenge, delegating the work to the browser which shows the HTTP auth dialog. I've tired various approaches such as including the username and password in the URL e.g. http:// <username>:<password>@host/path but none of these seem to work.
The form's onsubmit handler is shown below, a complete test case with a PHP server-side implementation attached. I've tried the test case both on Safari 417.8 and the webkit nightly build. The test case works fine on Firefox.
Is this a limitation of webkit's XHR implementation or is there another way to do HTTP auth with it that I'm missing?
Cheers
Adam
function login() {
var url = loginForm.action;
var username = document.getElementById("username").value;
var password = document.getElementById("password").value;
var http = new XMLHttpRequest();
http.open("get", url, false, username, password);
http.send("");
}
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ webkit-dev mailing list [email protected] http://www.opendarwin.org/mailman/listinfo/webkit-dev
