On 10/24/12 4:00 PM, Ross Singer wrote:
> On Oct 24, 2012, at 3:48 PM, Gary McGath <[log in to unmask]> wrote:
>> With AJAX, a resource can be brought up by refreshing part of an
>> existing page rather than as a whole new page. If the page is expecting,
>> for example, a JPEG image, and the request for the image is redirected
>> to a login page because it's restricted, then the page won't get back an
>> image, but instead will get back the HTML for the login page. The HTML
>> <img> tag can't do anything with this, and it will merely fail to
>> display the image.
> What does this have to do with discovery interfaces?
The issue is generic to any web application that has a mix of public and
restricted resources and may encounter restricted ones at unexpected
times, such as was being discussed with discovery interfaces.
> Also, why wouldn't your AJAX-enabled app be prepared for such an event?
Are you asking how an AJAX-enabled application can handle such cases?
I'm not sure this is the appropriate venue for getting into the
technical details, and I've encountered the problem without having
managed to implement a solution, but I'll briefly cover how I'd attack
If the resource redirects to an HTML login page, the Ajax code can't
make any sense of that, so it can't be "prepared for such an event."
However, if the response has an HTTP code indicating that authentication
is required, the Ajax error handler can dispatch on the code and
dispatch an event which is handled at the page's top level, forcing the
whole page to redirect to the login. This is doable but a bit messy and
reduces the value of AJAX. Giving an indication that not all resources
could be loaded and providing the option to log in is cleaner.
> There are lots of things everywhere (not just library-related) that require logins. The internet hasn't broken as a result.
I'm afraid I don't understand how this relates to what I was discussing.
I didn't deny either of those points (though the Internet is always in a
partly broken state). By "require login," do you mean "automatically
redirect a request for a restricted resource to a login page"? I find
that's more the exception than the rule.
Gary McGath, Professional Software Developer http://www.garymcgath.com