[whatwg] Solving the login/logout problem in HTML

Julian Reschke julian.reschke at gmx.de
Wed Nov 26 02:54:28 PST 2008


Ian Hickson wrote:
>> A simple way to achieve it would be to restrict it to username/password 
>> pairs, and to have the names of these form parameters live in the 
>> response headers as well.
> 
> We would have to, at a minimum, include the name of the username field, 
> the name of the password field, and the URL of the form to POST to. I am 
> very wary of duplicating information that is already available as it tends 
> to become out of date and thus ends up being even more of a pain than if 
> the information isn't there in the first place.

I would expect that information to be autogenerated.

Anyway, if it's out of sync, authentication is not going to work, so it 
should be noticed quickly.

> ...

BR, Julian



More information about the whatwg mailing list