- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Tue, 27 May 2008 17:58:30 +0200
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: "Web API WG (public)" <public-webapi@w3.org>
* Julian Reschke wrote: >Julian Reschke wrote: >> Anne van Kesteren wrote: >> > ... >>> From what I recall at least Firefox does it that way in practice. >>> Currently it does not give any indication what kind of character >>> encoding needs to be used so we picked the most obvious one. >>> ... >> >> I just tried, and as far I can tell, it uses ISO-8859-1. > >More tests reveal that IE, Firefox and Safari use ISO-8859-1, while >Opera uses UTF-8. From my reading of RFC2617 and RFC2616, using >ISO-8859-1 actually is correct (like it or not). Assuming this is about the encoding of username and password in HTTP Basic Authentication, then I think your interpretation and tests are incorrect, or my contradictory results are no longer valid, see: http://lists.osafoundation.org/pipermail/ietf-http-auth/2006-September/000374.html I believe the if-not-iso-8859-1 remark in RFC 2616 is irrelevant here as you have to pick a character encoding before you apply the base64 transformation. It is the base64 encoded string that the 2616 remark would apply to. I would be interested to know what Internet Explorer 7 on a system does where the default code page is not CP1252, my suspicion would be that the default code page is used, rather than Windows-1252, but I lack the setup to confirm or deny that at the moment. If anyone is going to test this, posting the results to the http-auth list would be a good idea. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Tuesday, 27 May 2008 15:59:12 UTC