Ambiguity parsing WWW-Authenticate value from cowwoc on 2014-07-09 (ietf-http-wg@w3.org from July to September 2014)

From: cowwoc <cowwoc@bbs.darktech.org>
Date: Tue, 8 Jul 2014 21:32:48 -0700 (PDT)
To: ietf-http-wg@w3.org
Message-ID: <1404880368578-286694.post@n7.nabble.com>

http://tools.ietf.org/html/rfc7235#section-4.1 contains the following
example:

WWW-Authenticate: Newauth realm="apps", type=1,
                       title="Login to \"apps\"", Basic realm="simple"

This is meant to represent two challenges.

How is a parser supposed to differentiate between different challenges and
the parameters belonging to the previous challenge? I can only assume that
challenges are identified as a key without a value, whereas parameters must
have a value. Is that correct?

If so, you might want to mention this explicitly in the specification
because it's not immediately obvious.

Gili



--
View this message in context: http://w3-org.9356.n7.nabble.com/Ambiguity-parsing-WWW-Authenticate-value-tp286694.html
Sent from the w3.org - ietf-http-wg mailing list archive at Nabble.com.

Received on Wednesday, 9 July 2014 04:33:10 UTC