- From: Henrik Nordstrom <henrik@henriknordstrom.net>
- Date: Fri, 17 Jul 2009 03:59:27 +0200
- To: Adrien de Croy <adrien@qbik.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
ons 2009-07-08 klockan 10:02 +1200 skrev Adrien de Croy: > When we added a realm, we couldn't find anywhere which specified how a > proxy should specify a realm of the entire universe. In the end we used > realm="/" It's an opaque string. There is no structure to realms, just equality. > This is nothing like a sitename, or anything the browser can use to > judge whether or not the credentials are usable or not for another > request. So the browser has to simply assume the actual usability space > of the credentials are defined by host, port, etc etc. Surely this > isn't the intent of realm? The realm is in addition to the canonical root of the requested server, or in case of 407 the Cacnonical-Root is proxy-host:port (or http://proxy-host:port if you like, doesn't matter). The protection space is defined by the tuple (Canonical-Root, Realm) See 2617 1.2 Access Authentication Framework Regards Henrik
Received on Friday, 17 July 2009 02:00:10 UTC