W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

#516 note about WWW-A parsing potentially misleading

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 30 Oct 2013 15:10:24 +0100
Message-ID: <52711350.4020908@gmx.de>
To: ietf-http-wg@w3.org
Hi there,


"User agents are advised to take special care in parsing the 
WWW-Authenticate field value as it might contain more than one 
challenge, or if more than one WWW-Authenticate header field is 
provided, the contents of a challenge itself can contain a 
comma-separated list of authentication parameters."

This is text that we copied from RFC 2616 
However, isn't the

"...if more than one WWW-Authenticate header field is provided..."


What's contained in a challenge does not depend on the number of header 
field instances, after all.

Best regards, Julian
Received on Wednesday, 30 October 2013 14:10:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:19 UTC