NEW 8291
XMLHttpRequest needs to be extended before it can provide an alternative interface to the browser's dialog for HTTP auth 
https://bugs.webkit.org/show_bug.cgi?id=8291
Summary XMLHttpRequest needs to be extended before it can provide an alternative inte...
Adam Ratcliffe
Reported 2006-04-10 01:47:25 PDT
A limitation of XHR is that it's not possible to control whether the browser's HTTP auth dialog is shown when invalid credentials are sent with the XHR request. This limits its usefulness in providing an alternative interface to the browser's dialog for HTTP auth. This issue has been discussed in the Mozilla community and alternatives suggested but so far not implemented, see: https://bugzilla.mozilla.org/show_bug.cgi?id=282547 https://bugzilla.mozilla.org/show_bug.cgi?id=221943 A simple solution would be for the open() method to accept a callback for handling an authentication failure. If open() was called without a reference to a callback function, or the callback function returned FALSE the HTTP auth dialog could be displayed.
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2006-04-10 02:42:34 PDT
Additionally, I think that our current implementation is inconsistent and/or broken (only shows the dialog for async requests, but doesn't seem to actually use the typed in credentials).
Alexey Proskuryakov
Comment 2 2006-06-10 05:21:54 PDT
(In reply to comment #1) > Additionally, I think that our current implementation is inconsistent and/or > broken (only shows the dialog for async requests, This is bug 8342. > but doesn't seem to actually use the typed in credentials). Looks like an NSURLConnection bug, rdar://4581439. It is probably possible to work around it in WebKit (by removing credentials from the URL passed to Foundation and handling them manually) , but I'm not sure if it's worth it.
Brent Fulgham
Comment 3 2022-07-06 13:48:19 PDT
(In reply to Alexey Proskuryakov from comment #2) > (In reply to comment #1) > > Additionally, I think that our current implementation is inconsistent and/or > > broken (only shows the dialog for async requests, > > This is bug 8342. > > > but doesn't seem to actually use the typed in credentials). > > Looks like an NSURLConnection bug, rdar://4581439. It is probably possible > to work around it in WebKit (by removing credentials from the URL passed to > Foundation and handling them manually) , but I'm not sure if it's worth it. The NSURLConnection bug was fixed in OS X 10.5.3 (and newer)
Note You need to log in before you can comment on or make changes to this bug.