Closed
Bug 146494
Opened 22 years ago
Closed 22 years ago
Clicking "cancel" on a htaccess prompt continues the request
Categories
(Core :: Networking: HTTP, enhancement)
Core
Networking: HTTP
Tracking
()
VERIFIED
DUPLICATE
of bug 123652
People
(Reporter: ahde, Assigned: mpt)
Details
Clicking "cancel" on a htaccess prompt continues the request On a .htaccess protected page with a username and password prompt, if you click the cancel button, the request is still sent and you get the "401 Authorization required" message. For example try: http://www.kfalls.net/~ahde/secret This is fairly standard behavior across browsers. IE 5.5, Netscape 4.7, & Mozilla. I would like to propose a UI change so that when you click "cancel", it returns to the previous page rather than giving the 401. This is counter-intuitive. Since the request has already been sent, (how else would the browser know autorization is required), the proposed solution might have to trigger the back button and reload the previous page. But since the page hasn't been redrawn, it might not be necessary. If there was a way to abort a page load, this could save resources, but might be trickier to implement. Another advantage would be that since only the challenge was sent from the server, you could save the terrible bandwidth burden imposed by all those graphic intensive (probably with flash and background midi) custom error pages. I'm not sure if any other dialogs besides the .htaccess prompt have similar behavior.
Comment 1•22 years ago
|
||
That dialog is a Basic Auth, and there's already a request to stop the authentification process and go back. *** This bug has been marked as a duplicate of 123652 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
VERIFIED/dupe. I'm verifying this as dupe, because I think your intent was to ask for that, but I want to clarify one aspect. When you first request the page, you send no auth, and the server sends back a rejection. The browser automatically figures out it should have asked your for auth, so it asks you. The 401 response triggers the http-auth dialog, and also includes the error page in the response. The display is supressed, unless you hit cancel, you never see the pre-loaded error page. There is no way to supress receiving the error page. Web admins that create over-sized error pages probably are guilty of creating bloated content as well.
Status: RESOLVED → VERIFIED
Component: Browser-General → Networking: HTTP
QA Contact: zach → httpqa
You need to log in
before you can comment on or make changes to this bug.
Description
•