- From: Willy Tarreau <w@1wt.eu>
- Date: Sat, 29 Oct 2011 14:23:18 +0200
- To: Mark Nottingham <mnot@mnot.net>
- Cc: Julian Reschke <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
Hi Mark, Julian,
On Sat, Oct 29, 2011 at 10:23:06PM +1100, Mark Nottingham wrote:
> I'm +1 on this. Normally we shouldn't have to go to this level of detail, but the syntax here is very brittle, so it's worth doing.
>
> Any objections?
[disclaimer: I've not read the initial issue]
In the following header from Julian's example :
WWW-Authenticate: Newauth realm="apps", type=1,
title="Login to \"apps\"", Basic realm="simple"
I'm seeing 4 independant comma-delimited values, which could also be
expressed and individually processed like this with the same meaning :
WWW-Authenticate: Newauth realm="apps"
WWW-Authenticate: type=1
WWW-Authenticate: title="Login to \"apps\""
WWW-Authenticate: Basic realm="simple"
I'm not sure this is precisely what's desired since Julian suggested
there were two challenges in this example (Newauth and Basic). Thus I
would have written them that way with semi-colons to split the attributes :
WWW-Authenticate: Newauth realm="apps"; type=1;
title="Login to \"apps\"", Basic realm="simple"
which would then be equivalent to :
WWW-Authenticate: Newauth realm="apps"; type=1; title="Login to \"apps\""
WWW-Authenticate: Basic realm="simple"
It would be nice to clarify this point since it can be confusing.
Regards,
Willy
Received on Saturday, 29 October 2011 12:23:47 UTC