W3C home > Mailing lists > Public > www-jigsaw@w3.org > January to February 2003

Re: Proxy-Authorization forwarded, as of jigsaw 2.2.2

From: Yves Lafon <ylafon@w3.org>
Date: Mon, 24 Feb 2003 12:08:24 +0100 (MET)
To: Thomas Kriegelstein <tk4@mail.inf.tu-dresden.de>
cc: www-jigsaw@w3.org
Message-ID: <Pine.GSO.4.53.0302241158220.24666@tarantula.inria.fr>

On Thu, 20 Feb 2003, Thomas Kriegelstein wrote:

>
>
> Hi,
>
> org/w3c/jigsaw/proxy/ForwardFrame.java (jigsaw 2.2.2) Line 246 sets the
> Proxy-Authenticate header to null. This header is not supposed to be send by a
> client or upstream-proxy. This is not the bug but a copy & paste mistake from
> dupReply.
>
> The bug is:
> According to RFC 2616 section 13.5.1:
> The Proxy-Authorization header is also a hop-by-hop header. So it should be
> set to null.
> Recommended fix: Replace the H_PROXY_AUTHENTICATE in line 246 with
> H_PROXY_AUTHORIZATION.

14:34 Proxy Authorization

A proxy MAY relay the credentials from the client request to the next
proxy if that is the mechanism by which the proxies cooperatively
authenticate a given request.

So it is hop-by-hop but may be relayed :)
But in this case it was indeed a typo ;) thanks for noticing this!
(it is fixed in CVS [1] and will be in the upcoming so-called "devel" jar)
Thanks!

[1] http://dev.w3.org/cvsweb/java/classes/org/w3c/

-- 
Yves Lafon - W3C
"Baroula que barouleras, au tiéu toujou t'entourneras."
Received on Monday, 24 February 2003 06:08:26 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:36 GMT