Re: Ambiguity parsing WWW-Authenticate value

On 2014-07-09 06:32, cowwoc wrote:
> contains the following
> example:
> WWW-Authenticate: Newauth realm="apps", type=1,
>                         title="Login to \"apps\"", Basic realm="simple"
> This is meant to represent two challenges.
> How is a parser supposed to differentiate between different challenges and
> the parameters belonging to the previous challenge? I can only assume that
> challenges are identified as a key without a value, whereas parameters must
> have a value. Is that correct?

A scheme name is followed by whitespace and a parameter (if any).

I wrote a regexp-based parser based on the ABNF and it works just fine, 
see <>.

> If so, you might want to mention this explicitly in the specification
> because it's not immediately obvious.

Well, the specification was just published, so it's a bit late for 
editorial suggestions like this one...

Best regards, Julian

Received on Wednesday, 9 July 2014 06:35:43 UTC