- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Fri, 17 Aug 2007 11:49:00 +0200
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: Mark Nottingham <mnot@mnot.net>, Hugo Haas <hugo@yahoo-inc.com>, ietf-http-wg@w3.org
Am 17.08.2007 um 11:30 schrieb Julian Reschke: > - force servers not to return a 401 at all. > > I think the latter would be bad: in this case I'd prefer a 401 over > a 400 or (gasp!) a 200. Well, sending WWW-Authenticate along with 401 is a MUST. So, how would a server send a 401 *without* complying to the basic framework Mark is talking about? //Stefan -- Stefan Eissing <green/>bytes GmbH Hafenweg 16 D-48155 Münster Germany Amtsgericht Münster: HRB5782
Received on Friday, 17 August 2007 09:49:43 UTC