W3C home > Mailing lists > Public > public-webapi@w3.org > May 2008

Re: XHR LC comments

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Tue, 27 May 2008 17:58:30 +0200
To: Julian Reschke <julian.reschke@gmx.de>
Cc: "Web API WG (public)" <public-webapi@w3.org>
Message-ID: <tabo34dkhv8fpl514p6r5vmjrg8mhohvvt@hive.bjoern.hoehrmann.de>

* Julian Reschke wrote:
>Julian Reschke wrote:
>> Anne van Kesteren wrote:
>>  > ...
>>>  From what I recall at least Firefox does it that way in practice. 
>>> Currently it does not give any indication what kind of character 
>>> encoding needs to be used so we picked the most obvious one.
>>> ...
>> I just tried, and as far I can tell, it uses ISO-8859-1.
>More tests reveal that IE, Firefox and Safari use ISO-8859-1, while 
>Opera uses UTF-8. From my reading of RFC2617 and RFC2616, using 
>ISO-8859-1 actually is correct (like it or not).

Assuming this is about the encoding of username and password in HTTP
Basic Authentication, then I think your interpretation and tests are
incorrect, or my contradictory results are no longer valid, see:


I believe the if-not-iso-8859-1 remark in RFC 2616 is irrelevant here
as you have to pick a character encoding before you apply the base64
transformation. It is the base64 encoded string that the 2616 remark
would apply to.

I would be interested to know what Internet Explorer 7 on a system does
where the default code page is not CP1252, my suspicion would be that
the default code page is used, rather than Windows-1252, but I lack the
setup to confirm or deny that at the moment. If anyone is going to test
this, posting the results to the http-auth list would be a good idea.
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Tuesday, 27 May 2008 15:59:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:27 UTC