Paul Cohen wrote:
> 1. Client -> Server: HTTP GET "http://foo:[EMAIL PROTECTED]/new-
>
> Another question is: Why is the username and password sent in the URL?
Is it? Not what I see when I run a packet sniffer. If the UN/PW is being
sent in the GET message I'd expect the server to return a 404 --
Paul Cohen wrote:
> THE PROBLEM: When I login with invalid username or password the login
> dialog is displayed. I don't want that. I want my call to
> XMLHttpRequest to return with status 401 so I can display my own
> custom "Invalid credentials" feedback to the user.
See https://bugzilla.mozilla
Hi,
I am trying to implement a web login solution using HTTP
authentication with:
1. A custom XHTML/CSS/Javascript login form and XMLHttpRequest.
2. Apache 2.2 configuration but no other server side code.
3. No displaying of the browser (Firefox 3.0.1) login dialog.
Eventually I want my solution