The authc dialog box is displayed every time the authentication fails when using AJAX + BASIC.
This happens due to the WWW-Authenticate header 401 http status code which forces the browser to show the authc dialog box.
This is more like a Google Chrome behavior. In Firefox the dialog is never show.
Given that, the idea is check the presence of the X-Requested-With header to decide whether the requests cames from XHR or not. If so, respond with a 403 instead of 401.
In this case, 403 means that the client was forbidden by the server due to invalid credentials. As suggested by the WWW-Authenticate header.
|
