How HTTP Basic Auth Persists Across Pageviews

I am familiar with the basic workings of HTTP Auth, but how does it keep track of authentication between page views? I see there is no cookie created when the initial authentication takes place.

To quote the Wikipedia article on this:

Because the BA header has to be sent with each HTTP request, the web browser needs to cache credentials for a reasonable period of time to avoid constantly prompting the user for their username and password.

So it seems your browser takes care of this for you.

Leave a Reply

Your email address will not be published. Required fields are marked *