Re: Caching just the username for authn

From: Branko Čibej <brane_at_xbc.nu>
Date: Sun, 13 Nov 2011 08:16:33 +0100

On 12.11.2011 20:34, Konstantin Kolinko wrote:
> Regarding user:passwd_at_host syntax it us up to browser how to interpret the URL.
> If browser cannot interpret username and password in the URL it is
> just browser's thing.

It is not up to the browser at all. See RFC-2616 (HTTP 1.1), section 3.2.2:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2

It does not mention username or password anywhere. I think people tend
to confuse http:// with ftp://, which does allow embedding the username
and password in the URL.

-- Brane
Received on 2011-11-13 08:17:16 CET

This message: [ Message body ]
Next message: Branko Čibej: "Re: Caching just the username for authn"
Previous message: Daniel Shahaf: "Re: svn commit --targets behaviour change in 1.7?"
In reply to: Konstantin Kolinko: "Re: Caching just the username for authn"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]