Re: 100 Continue and Expects

ons 2010-03-31 klockan 15:59 -0700 skrev Mark Pauley:

> In the end, the only time CFNetwork zeroes out the POST's length is in
> the case that we've already gotten a 4xx, and we are starting the NTLM
> auth dance, because there is no way that NTLM can just decide to not
> give us a 4xx once we give it the NTLM initiation in response to the
> initial 4xx.

There is. Any proxy using IP based authentication cache as commonly used
for cutting down the overhead of NTLM MAY consider the IP already
authenticated in the middle of an NTLM handshake or any other time if
the same IP is performing other concurrent requests.

So your assumption above only holds true IFF you know for sure that this
client station is only having this single TCP connection open to the

Note: Some servers MAY also perform something similar, but for servers
use of session cookies is more common than relying on the IP.


Received on Monday, 3 May 2010 23:05:57 UTC