W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2007

RE: Escaping <\> in HTTP Digest (RFC 2617)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Sun, 25 Mar 2007 23:51:07 +0200
To: Eric Lawrence <ericlaw@exchange.microsoft.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-Id: <1174859467.16825.21.camel@henriknordstrom.net>
fre 2007-03-23 klockan 13:24 -0700 skrev Eric Lawrence:
> I should clarify that IE removes the escaping before calculating the hash for each directive value.
> 
> Hence IE6 and IE7 behavior are the same in this regard, we still hash "redmond\ericlaw" when username is sent as "redmond\\ericlaw".

If I understand this correctly a server which wishes to interoperate
with IE6 need to be careful in how it dequotes the username-value, and
only remove \ infront of " or \

Regards
Henrik

Received on Sunday, 25 March 2007 21:51:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:00 GMT