[whatwg] Solving the login/logout problem in HTML

Ian Hickson ian at hixie.ch
Wed Nov 26 04:21:12 PST 2008


On Wed, 26 Nov 2008, Julian Reschke wrote:
> Ian Hickson wrote:
> > > >   challenge = "HTML" [ form ]
> > > >   form      = "form" "=" form-name
> > > >   form-name = quoted-string
> > > RFC2617 states that "The realm directive (case-insensitive) is required
> > > for all authentication schemes that issue a challenge."
> > 
> > I didn't really understand how the realm would work here, which is why I
> > didn't include it. Is this a case where we should violate RFC2617? (Note
> > that we're in a rather unusual case here because the challenge never gets a
> > reply in the traditional sense.)
> 
> Unless there's an ultra-important reason to violate any base 
> requirements, I would advise against it.

"They make no sense" is a pretty important reason. What would "realm" mean 
in this context? Who would use it and how? How would you know what value 
to set it to?

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'



More information about the whatwg mailing list