W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2006

Re: Digest Authentication (Broken in many Browsers)

From: Joe Orton <joe@manyfish.co.uk>
Date: Wed, 12 Jul 2006 16:42:11 +0100
To: "John C. Mallery" <jcma@csail.mit.edu>
Cc: ietf-http-wg@w3.org
Message-ID: <20060712154211.GB17722@manyfish.co.uk>

On Wed, Jul 12, 2006 at 02:47:59PM +0000, John C. Mallery wrote:
> Few browsers seem to have implemented HTTP 1.1 Digest Authentication  
> correctly, at least on the Mac.
> 
> Digest authentication of proxy requests seems to be a major problem  
> area.
> 
> Firefox 2.0b1 seems to be the best implementation on the mac.
> 
> 1. I note, however, that it computes the digest based on the relative  
> URI of the absolute URI requested of the proxy.

I think this is a post-1.5 regression in Firefox, we had a similar 
report with similar details filed against mod_auth_digest:

http://issues.apache.org/bugzilla/show_bug.cgi?id=37959

joe
Received on Wednesday, 12 July 2006 18:48:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:46 GMT