For SSO login, we should support as old as possible (no javascript,
backward compatible to HTML 4? 3? 2? I don't know you tell me....).
For admin UI, we can be more restrictive, IMO. The admin UI, is not
just a UI though. It is a set of REST services that can be called from
javascript (or whatever langage/platform you want). For security
reasons we might want to restrict the types of browsers that can make
these REST requests.
On 8/6/2013 10:14 AM, Gabriel Cardoso wrote:
An important question is to define which older browsers we have to
support. Does Red Hat have a list of them? Who defines this?
Gabriel
On Aug 6, 2013, at 10:24 AM, Bill Burke wrote:
> Older browsers don't support HttpOnly cookies, right? So, maybe we
> don't set login cookies for these older browsers. For SSO, this will
> require a relogin every time. For the admin UI, we just won't allow
> interaction with older browsers. We'll do this by checking the
> User-Agent header.
>
>
https://issues.jboss.org/browse/KEYCLOAK-23
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com