W3C home > Mailing lists > Public > www-jigsaw@w3.org > January to February 2003

Proxy-Authorization forwarded, as of jigsaw 2.2.2

From: Thomas Kriegelstein <tk4@mail.inf.tu-dresden.de>
Date: Thu, 20 Feb 2003 03:52:52 -0500 (EST)
To: www-jigsaw@w3.org
Message-Id: <200302200952.39115.tk4@mail.inf.tu-dresden.de>


org/w3c/jigsaw/proxy/ForwardFrame.java (jigsaw 2.2.2) Line 246 sets the
Proxy-Authenticate header to null. This header is not supposed to be send by a 
client or upstream-proxy. This is not the bug but a copy & paste mistake from 

The bug is:
According to RFC 2616 section 13.5.1:
The Proxy-Authorization header is also a hop-by-hop header. So it should be 
set to null.
Recommended fix: Replace the H_PROXY_AUTHENTICATE in line 246 with

Another possibility:
Set all hop-by-hop headers in dupReply and dupRequest to null.
Without distinction between reply and request messages.

Without this fix a downstream webserver learns how to authenticate with the 

Received on Sunday, 23 February 2003 06:10:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:41:31 UTC