- From: Eric Lawrence <ericlaw@exchange.microsoft.com>
- Date: Fri, 23 Mar 2007 13:24:38 -0700
- To: Eric Lawrence <ericlaw@exchange.microsoft.com>, Alexey Melnikov <alexey.melnikov@isode.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
I should clarify that IE removes the escaping before calculating the hash for each directive value. Hence IE6 and IE7 behavior are the same in this regard, we still hash "redmond\ericlaw" when username is sent as "redmond\\ericlaw". -Eric -----Original Message----- From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org] On Behalf Of Eric Lawrence Sent: Friday, March 23, 2007 12:00 PM To: Alexey Melnikov; ietf-http-wg@w3.org Subject: RE: Escaping <\> in HTTP Digest (RFC 2617) IE7 uses WDigest.dll, which escapes the \ into \\. IE6 and previous versions relied on Digest.dll, which did not escape the \. Thanks, Eric Lawrence Program Manager Internet Explorer Networking -----Original Message----- From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org] On Behalf Of Alexey Melnikov Sent: Saturday, March 17, 2007 2:44 PM To: ietf-http-wg@w3.org Subject: Escaping <\> in HTTP Digest (RFC 2617) Hi, I would like to get some feedback on what HTTP Digest implementations do with '\' in username/realm/password. For example, if I have a username 'example.com\user1', do implementations hash 'example.com\\user1' (i.e. the \ is escaped with another \), or just 'example.com\user1' (single slash). Thanks, Alexey
Received on Friday, 23 March 2007 20:26:00 UTC