[whatwg] Solving the login/logout problem in HTML

Elliotte Harold elharo at metalab.unc.edu
Thu Nov 27 09:19:43 PST 2008


Asbjørn Ulsberg wrote:

>  [Response 1]
> 
>  HTTP/1.1 401 Unauthorized
>  WWW-Authenticate: HTML realm="Administration"
> 
>  <!DOCTYPE html>
>  <html>
>    ....
>    <form action="/login">
>      <input name="username">
>      <input type="password" name="password">
>      <input type="submit">
>    </form>
>  </html>
> 

Interesting. If we go down this line I think it's important to MANDATE 
the names and meanings of the various fields, or provide some other key 
by which a bot can reliably identify necessary login fields and decide 
what to put in them.

Today the various form autofillers only guess right a little more than 
half the time in my experience, and even with training and special 
hackery to eliminate forms that try to disable autofilling, they still 
miss a shocking number of forms they've seen before.

-- 
Elliotte Rusty Harold  elharo at metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA



More information about the whatwg mailing list