- From: Mark Nottingham <mnot@mnot.net>
- Date: Thu, 20 Oct 2011 16:18:42 +1100
- To: Dan Anderson <dan-anderson@cox.net>
- Cc: James Snell <jasnell@gmail.com>, "Roy T. Fielding" <fielding@gbiv.com>, "Thomson, Martin" <Martin.Thomson@commscope.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
I don't think that would be workable; 407 is specifically for proxies -- i.e., intermediaries interposed with the involvement of the client, not intercepting proxies. I have a suspicion that there will be clients whose code paths for 407 will behave badly if they're not expecting it on the wire. Cheers, On 20/10/2011, at 4:15 PM, Dan Anderson wrote: > Hi, > > I kind of like that idea. > > OT: It makes me wonder if something similar could be done to 401. > > Thanks > Dan > > On Wed, Oct 19, 2011 at 6:44 PM, James Snell <jasnell@gmail.com> wrote: >> It would seem to me that a 407 with a >> Proxy-Authenticate using a hypothetical "form" auth scheme and a >> Location header could be applied to the same purpose without requiring >> the introduction of a new response code... e.g. >> >> HTTP/1.1 407 Proxy Authentication Required >> Location: http://foo.example.com/proxy_login >> Proxy-Authenticate: form >> >> Just a thought... >> >> - James > -- Mark Nottingham http://www.mnot.net/
Received on Thursday, 20 October 2011 05:19:21 UTC