- From: Jamie Lokier <jamie@shareable.org>
- Date: Thu, 1 Apr 2010 10:20:20 +0100
- To: Mark Pauley <mpauley@apple.com>
- Cc: Adrien de Croy <adrien@qbik.com>, ietf-http-wg@w3.org
Mark Pauley wrote: > You're right, and we've identified these sort of issues as well. > CFNetwork (and any HTTP client in general) can't assume that they'll > be given a 407, even if we know that this host has sent us one > before. Moreover, using a HEAD to 'prime' the auth also doesn't > work, nor does anything similar work. Sometimes you have actually > try the full request, because HTTP allows for servers to be as > pernicious as they please. It's good to know that HEAD doesn't work either, thanks. In theory a chunked request would be good for this, but I doubt if it works. > In the end, the only time CFNetwork zeroes out the POST's length is > in the case that we've already gotten a 4xx, and we are starting the > NTLM auth dance, because there is no way that NTLM can just decide to > not give us a 4xx once we give it the NTLM initiation in response to > the initial 4xx. So the result is you POST the request body twice - once before the 4xx, and once again at the last request? What happens with combinations of NTLM proxy authentication and "sometimes" NTLM server authentication, where you have to do the dance for the proxy, then after that you may or may not have to do it a second time? Do you end up sending the request body exactly three times in the case where NTLM is used for both hops? Thanks, -- Jamie
Received on Thursday, 1 April 2010 09:20:53 UTC