|
Jorey Bump
list at joreybump.com
Tue May 18 16:27:45 EDT 2004
Diener, Edward wrote: > Why would the browser hide this action from me, producing no prompt ? For the sake of convenience. A browser must prompt for the login when it first encounters a location protected by HTTP Basic Authentication, since it doesn't know the user/password. Obviously, anyone could program a browser that simply caches this information for later reuse, but convention requires that the browser forgets this information when you close it. In fact, many will offer to save these values for future use (a potentially dangerous practice). Why is this behavior important? Pick any modern password-protected web site and count the number of dependent files that must be loaded to render the page, such as images, stylesheets, javascript sources, etc. If your browser didn't remember your login, you would be prompted for every single one of those files. The site would be practically unusable.
|