[whatwg] Solving the login/logout problem in HTML

Ian Hickson ian at hixie.ch
Tue Nov 25 13:45:09 PST 2008


On Tue, 25 Nov 2008, Julian Reschke wrote:
> > > 
> > > To do that, it would need to *capture* that information somewhere. I 
> > > was assuming the whole point in the exercise was to avoid having to 
> > > pop up an HTML based UI...
> > 
> > Well if you don't have the credentials, you can't really login anyway.
> 
> People are trained to configure credentials as value pairs (name, 
> password). Anything more complex than that will be tricky to deploy in 
> generic frameworks.

Nothing requires servers to do anything but username/password.

I don't really understand what you are asking here. Presumably in a system 
where only username/password credentials are desired, only username/ 
password credentials will be used.


> > If the request is to be able to take an HTML form and display it to 
> > the user as some other UI, then just apply the HTML semantics to the 
> > form to get the UI out. That's exactly what HTML is _for_: encoding 
> > media- and presentation-independent semantics.
> 
> OK, so how do you tell a mount command that your credentials are more 
> complex than username/password?

How do you tell a mount command that your credentials are a certificate?

This isn't an HTML issue.


> For that matter, how do UAs like FF's password manager handle cases like 
> these?

Password managers vary in implementation, but some remember all fields, 
others just the password field and one other heuristically-chosen field, 
others bail on such forms.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'



More information about the whatwg mailing list