httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 27758] - digest authentication fails to handle a URL of the form http://domain.world/page.type?querystring
Date Thu, 18 Mar 2004 18:19:08 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27758>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=27758

digest authentication fails to handle a URL of the form http://domain.world/page.type?querystring





------- Additional Comments From geoff@apache.org  2004-03-18 18:19 -------
I think it would be a good idea to provide msie support here if msie 6 is still
broken.

that said, I'm not too sure that I like the proposed patch.  it's fine, but I
feel in my gut that we shouldn't be messing with the digest algorithm proper -
there's nothing to protect against a mismatched query string in this case, even
though it's still important.  but I like the BrowserMatch approach 

I think the solution I'd rather see is constructing the compared uri from
uri+query if the hack is set, keeping the query as part of the comparison.

I'll work on an alternative patch and move the discussion to httpd-dev if there
is some consensus that my approach has merit.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message