W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2002

Fw: [neon] Digest authentication with integrity protection

From: Emanuel <listabb@sked.ch>
Date: Wed, 25 Sep 2002 03:16:08 -0400 (EDT)
Message-ID: <003701c26463$658acb90$cb4a290a@ch.abb.com>
To: <ietf-http-wg@w3.org>




Yup, digest-uri is defined to be Request-URI, which does include the
query part.  You should bring this up on http-wg, others may have
encountered this problem.

Regards,

joe
----- Original Message -----
From: "Joe Orton" <joe@manyfish.co.uk>
To: "Emanuel" <listabb@sked.ch>
Sent: Tuesday, September 24, 2002 9:47 PM
Subject: Re: [neon] Digest authentication with integrity protection
On Tue, Sep 24, 2002 at 04:38:27PM +0200, Emanuel wrote:
> Thanks!
>
> I have a question for you, hope you can answer, of course I can compile
neon
> and try(or look at the sources), but that takes some times :-)
>
> For the digest authentication, does neon include the arguments in the
"uri"
> parameter in the Authorization request header?
> Like :
> 1
> GET /test.html?arg1&arg2=1
> Authorization: Digest username="test", realm="digest", nonce="blabla",
> uri="/test.html" ...
> Or like:
> 2
> GET /test.html?arg1&arg2=1
> Authorization: Digest username="test", realm="digest", nonce="blabla",
> uri="/test.html?arg1&arg2=1"
>
> I think the number 2 is correct, but internet explorer use the first :-(
>
> Thanks a lot!
Received on Wednesday, 25 September 2002 05:39:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:20 GMT