I believe this is a known issue:
<rdar://problem/4335156> XMLHttpRequest ignores username/password
passed to open()
I need to go ahead and move that radar into bugzilla (or you should
feel free to file one!), which will make it easier (for someone other
than me) to fix.
I don't know of any work-arounds.
-eric
p.s. Instructions on filing WebKit bugs are available from our
website: http://www.webkit.org/
On Mar 19, 2006, at 9:41 PM, Adam Ratcliffe wrote:
Hi,
I'm developing a DHTML application that interacts with a REST API
that uses either HTTP Basic or Digest authentication. I'd like to
provide a login form that uses XHR to authenticate the user before
the actual request for a protected resource is sent.
The problem is that XHR does not handle the server's authentication
challenge, delegating the work to the browser which shows the HTTP
auth dialog. I've tired various approaches such as including the
username and password in the URL e.g. http://
<username>:<password>@host/path but none of these seem to work.
The form's onsubmit handler is shown below, a complete test case
with a PHP server-side implementation attached. I've tried the
test case both on Safari 417.8 and the webkit nightly build. The
test case works fine on Firefox.
Is this a limitation of webkit's XHR implementation or is there
another way to do HTTP auth with it that I'm missing?
Cheers
Adam
function login() {
var url = loginForm.action;
var username = document.getElementById("username").value;
var password = document.getElementById("password").value;
var http = new XMLHttpRequest();
http.open("get", url, false, username, password);
http.send("");
}
_______________________________________________
webkit-dev mailing list
[email protected]
http://www.opendarwin.org/mailman/listinfo/webkit-dev
_______________________________________________
webkit-dev mailing list
[email protected]
http://www.opendarwin.org/mailman/listinfo/webkit-dev
