On 2/13/09 3:36 PM, Chad wrote:
> On Feb 13, 2009 6:28 PM, "Erik Moeller" wrote:
>> On any wiki where there's an operation restricted to logged-in users,
>> the error message "You must be logged in .." is shown with a link to
>> the login form. Is there a reason (other than "not coded yet") why
>> this login form isn't rendered directly onto the error page, skipping
>> one step?
>
> You hit it right on the head. No reason it can't be there
> already. I believe there's a bug open about it.
This idea has been kicked around for a while, but there's a potential
snag -- one issue is that we want to be able to move the login form to
SSL consistently so we're not sending passwords around unencrypted.
If we embed the form directly into error message output, then we have
two possibilities:
1) We have a form on an _insecure_ page which _submits_ to a secure page.
This is an unsafe practice -- you don't know that the form is safe; even
if you check the <form action> value it might actually be hacked to
submit somewhere else by JavaScript if you've been hit by a MITM attack
or sent to a malicious site via hacked DNS. Honestly this creeps me out
when my bank does this. :)
Possibly however we don't care that much. :D
2) We could redirect to the same error page *on* the SSL server, so it's
a secure form now, but possibly unexpectedly.
Redirecting might not be feasible for all cases (e.g. the result of a POST
submission).
-- brion
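The policy Brion sketches above (never embed the login form in a plain-HTTP page, redirect GETs to the SSL host, and fall back to the old link-only error page for POSTs that cannot survive a redirect), written out as an added Python example. This is not MediaWiki code; the host name `secure.example.org`, the `Special:UserLogin` path and the `returnto` parameter are assumptions made for the illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlencode, urlsplit

SECURE_HOST = "secure.example.org"  # assumed name of the SSL-only server


@dataclass
class Request:
    scheme: str  # "http" or "https"
    method: str  # "GET" or "POST"
    path: str    # e.g. "/wiki/Special:Move"
    query: str   # raw query string, may be empty


def form_is_safe_to_render(page_scheme: str, form_action: str) -> bool:
    """Brion's point: checking <form action> is necessary but not sufficient.
    On a plain-HTTP page the markup itself can be altered in transit, so only
    an HTTPS page whose form posts to the HTTPS host is acceptable."""
    if page_scheme != "https":
        return False
    parts = urlsplit(form_action)
    return parts.scheme == "https" and parts.netloc == SECURE_HOST


def login_form_action(req: Request) -> dict:
    """Decide how the 'you must be logged in' error page should behave."""
    login_url = f"https://{SECURE_HOST}/wiki/Special:UserLogin"  # assumed path
    if req.scheme == "https":
        # Already on the SSL server: safe to render the form inline.
        return {"action": "render_form", "form_action": login_url}
    if req.method == "GET":
        # Option 2: bounce the whole error page to the SSL host. A GET is
        # replayable, so the user lands on the same page, now secure.
        target = f"https://{SECURE_HOST}{req.path}"
        if req.query:
            target += "?" + req.query
        return {"action": "redirect", "location": target}
    # A POST body would be lost by a redirect, and option 1 (an insecure
    # page submitting to a secure one) is rejected, so keep the classic
    # message with a link to the secure form and a returnto hint (assumed).
    return {"action": "link_only",
            "login_url": login_url + "?" + urlencode({"returnto": req.path})}
```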