javascript - How does the server initiate http basic authentication? ?

In js ajax there is the following situation:

<code>var xhr = new XMLHttpRequest();
    // 下面的第四个，第五个参数怎么使用？？
    xhr.open('get' , 'authorization.php' , true , username , password);
    xhr.send();</code>

So far, I have never used the fourth and fifth parameters of the ajax open method. When I wrote the ajax operation class today, I felt that the fourth and fifth parameters were always a problem, and I wanted to understand them thoroughly.

It is said on the Internet that the fourth and fifth parameters must be provided only for pages that require http basic authentication.

But I just don’t understand How to pop up the authentication box on the php page? ?

I tried:

<code> header('Authorization: username:password');</code>

But this should be set in the header of the ajax request. Anyway, how to do this in php? ? I have no clue

Can you post the authentication js code and php code for learning (it does not involve oAuth authentication for the time being, learn the most primitive ones first, and then move on to oAuth)?

Reply content:

In js ajax there is the following situation:

<code>var xhr = new XMLHttpRequest();
    // 下面的第四个，第五个参数怎么使用？？
    xhr.open('get' , 'authorization.php' , true , username , password);
    xhr.send();</code>

So far, I have never used the fourth and fifth parameters of the ajax open method. When I wrote the ajax operation class today, I felt that the fourth and fifth parameters were always a problem, and I wanted to understand them thoroughly.

It is said on the Internet that the fourth and fifth parameters must be provided only for pages that require http basic authentication.

But I just don’t understand How to pop up the authentication box on the php page? ?

I tried:

<code> header('Authorization: username:password');</code>

But this should be set in the header of the ajax request. Anyway, how to do this in php? ? I have no clue

Can you post the authentication js code and php code for learning (it does not involve oAuth authentication for the time being, learn the most primitive ones first, and then move on to oAuth)?

Just now, I wanted to use php to collect others, basic certification, official examples:

HTTP authentication with PHP

<code><?php
  if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Text to send if user hits Cancel button';
    exit;
  } else {
    echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
    echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
  }
?>
</code>

The normal network request status is 200. You want the browser to pop up the basic authentication window and return status 401