W3C home > Mailing lists > Public > xproc-dev@w3.org > December 2010

Re: p:http-request and HTTP re-directs

From: Florent Georges <fgeorges@fgeorges.org>
Date: Fri, 10 Dec 2010 20:00:55 +0100
Message-ID: <AANLkTi=xuoiiK95RuRnUU9R4vrgXES9G7r4GNDyL=mZM@mail.gmail.com>
To: Philip Fennell <Philip.Fennell@marklogic.com>
Cc: XProc Dev <xproc-dev@w3.org>
On 10 December 2010 16:50, Philip Fennell wrote:

  Hi,

> and the response from the service a 301 redirect why would I
> get a 401 response from the service I was redirected to? After
> all, I have provided the username/password for that service.

  Interesting.  I don't have the answer for this particular case,
unfortunately, but I am interested in the case.  This is unclear
to me (from both the HTTP 1.1 and HTTP Authentication RFCs)
whether a client should send the authentication infos when
following a 301 (sounds dangerous to me, in particular with the
Basic scheme).  But I don't have the definitive answer here, I am
not a HTTP expert...

  Second, are you sure Calabash does not send the authentication
infos when following the redirect?  I mean, maybe it does but the
target server does respond 401 because the credentials are not
valid (401 is returned both when there is no credentials at all
and when they are incorrect).  Maybe a HTTP tool to dump the
requests could help here.

  Regards,

-- 
Florent Georges
http://fgeorges.org/
Received on Friday, 10 December 2010 19:01:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 10 December 2010 19:01:50 GMT