I'm pretty sure the answer to this is no because it would be a major security hole. But if a user has logged in to a website开发者_开发百科 using their browser, and then tell our desktop app to read an XML file from that website, is there a way to use the credentials the browser has so they do not need to give us the username & password?
thanks - dave
This is not possible to get the password from Basic-Auth in javascript, as it would be a rather large security issue. However, if the browser learned about a basic-auth username/password pair, it will send it with every request to the matching domain, so you might not even be force to know the password on the client as the browser is going to handle it.
If you have a custom authentication schema, you could save the username and password in a way that you can access it via javascript from a cookie, but I strongly advise you to not do that, as it would open the username / password to anyone being able to run javascript in your app context (e.g. via XSS) and would probably save the password in clear-text on the user's hard-disk. What you should use in this case is a token based system (like oauth) or one of the many single-sign-on systems out there, which use short-lived and signed cookies.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论