[whatwg] Solving the login/logout problem in HTML
Elliotte Harold
elharo at metalab.unc.edu
Thu Nov 27 09:19:43 PST 2008
Asbjørn Ulsberg wrote:
> [Response 1]
>
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: HTML realm="Administration"
>
> <!DOCTYPE html>
> <html>
> ....
> <form action="/login">
> <input name="username">
> <input type="password" name="password">
> <input type="submit">
> </form>
> </html>
>
Interesting. If we go down this line I think it's important to MANDATE
the names and meanings of the various fields, or provide some other key
by which a bot can reliably identify necessary login fields and decide
what to put in them.
Today the various form autofillers only guess right a little more than
half the time in my experience, and even with training and special
hackery to eliminate forms that try to disable autofilling, they still
miss a shocking number of forms they've seen before.
--
Elliotte Rusty Harold elharo at metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA
More information about the whatwg
mailing list