W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2008

Re: combining authenticated and anonymous access

From: Julian Reschke <julian.reschke@gmx.de>
Date: Fri, 28 Nov 2008 12:33:20 +0100
Message-ID: <492FD700.2040601@gmx.de>
To: Yves Lafon <ylafon@w3.org>
CC: HTTP Working Group <ietf-http-wg@w3.org>

Yves Lafon wrote:
> 
> On Thu, 27 Nov 2008, Julian Reschke wrote:
> 
>> An interesting proposal is to continue returning content with status 
>> 200, but to include the WWW-Authenticate header nevertheless. RFC2616 
>> currently is silent about this combination:
> [..]
> 
>> Has anybody tried this before?
> 
> I saw that on a very popular server due to an error in one extension, 
> some browser rendered the pages correctly, some other prompted the user 
> for authentication (despite the 200 status code).

I just tried it with Opera/FF/Safari/IE7/Chrome (latest Windows XP 
version), and none of them prompted the user...

BR, Julian
Received on Friday, 28 November 2008 11:34:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:57 GMT