[whatwg] Solving the login/logout problem in HTML
julian.reschke at gmx.de
Wed Nov 26 02:54:28 PST 2008
Ian Hickson wrote:
>> A simple way to achieve it would be to restrict it to username/password
>> pairs, and to have the names of these form parameters live in the
>> response headers as well.
> We would have to, at a minimum, include the name of the username field,
> the name of the password field, and the URL of the form to POST to. I am
> very wary of duplicating information that is already available as it tends
> to become out of date and thus ends up being even more of a pain than if
> the information isn't there in the first place.
I would expect that information to be autogenerated.
Anyway, if it's out of sync, authentication is not going to work, so it
should be noticed quickly.
More information about the whatwg