8291 2006-04-10 01:47:25 -0700 XMLHttpRequest needs to be extended before it can provide an alternative interface to the browser's dialog for HTTP auth 2022-07-06 13:48:19 -0700 1 1 1 Unclassified WebKit XML 420+ Mac OS X 10.4 NEW P2 Enhancement --- 10489 1 adam webkit-unassigned ap bfulgham bugs-webkit gavin.sharp ian oldest_to_newest 38861 0 adam 2006-04-10 01:47:25 -0700 A limitation of XHR is that it's not possible to control whether the browser's HTTP auth dialog is shown when invalid credentials are sent with the XHR request. This limits its usefulness in providing an alternative interface to the browser's dialog for HTTP auth. This issue has been discussed in the Mozilla community and alternatives suggested but so far not implemented, see: https://bugzilla.mozilla.org/show_bug.cgi?id=282547 https://bugzilla.mozilla.org/show_bug.cgi?id=221943 A simple solution would be for the open() method to accept a callback for handling an authentication failure. If open() was called without a reference to a callback function, or the callback function returned FALSE the HTTP auth dialog could be displayed. 38863 1 ap 2006-04-10 02:42:34 -0700 Additionally, I think that our current implementation is inconsistent and/or broken (only shows the dialog for async requests, but doesn't seem to actually use the typed in credentials). 45239 2 ap 2006-06-10 05:21:54 -0700 (In reply to comment #1) > Additionally, I think that our current implementation is inconsistent and/or > broken (only shows the dialog for async requests, This is bug 8342. > but doesn't seem to actually use the typed in credentials). Looks like an NSURLConnection bug, rdar://4581439. It is probably possible to work around it in WebKit (by removing credentials from the URL passed to Foundation and handling them manually) , but I'm not sure if it's worth it. 1881091 3 bfulgham 2022-07-06 13:48:19 -0700 (In reply to Alexey Proskuryakov from comment #2) > (In reply to comment #1) > > Additionally, I think that our current implementation is inconsistent and/or > > broken (only shows the dialog for async requests, > > This is bug 8342. > > > but doesn't seem to actually use the typed in credentials). > > Looks like an NSURLConnection bug, rdar://4581439. It is probably possible > to work around it in WebKit (by removing credentials from the URL passed to > Foundation and handling them manually) , but I'm not sure if it's worth it. The NSURLConnection bug was fixed in OS X 10.5.3 (and newer)