On ons, 2008-08-13 at 18:57 +1000, Evgeniy Khramtsov wrote: > Currently I'm a spectator of a situation when a client doesn't include > an "opaque" field in the "Authorization" header and a server replies > with 400 "Authorization should contain opaque". Actually, I don't know > who is right: a client or a server? The way I read it the server is right. The language isn't fully formal, but it does say should (3.2.1) and required (3.3), which means a client not returning the opaque is clearly broken. And with opaque included in the earlier RFC2069 specifications with nearly the same language there really is no excuse for not returning it.. Regards HenrikReceived on Wednesday, 13 August 2008 10:16:36 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:17 UTC