[whatwg] ContextAgnosticXmlHttpRequest: an informal RFC

Doron Rosenberg doronr at gmail.com
Tue Mar 22 09:11:58 PST 2005


> 
> Is there anything in the SOAP protocol that warrants persistence of
> any types of credentials such as what the HTTP protocol provides with
> Basic-Auth and Cookies ?

Yes, basic-auth and cookies are an security issue, and probably should
not be sent.  SOAP has its own mechanisms for such things.



More information about the whatwg mailing list