httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Malo ...@perlig.de>
Subject Re: cvs commit: httpd-2.0/modules/aaa mod_auth_digest.c
Date Tue, 11 Feb 2003 14:54:59 GMT
* André Malo wrote:

[guessing the domain attribute in mod_auth_digest]
> The guessing code is somewhat weird anyway.

We should drop it entirely. Our own docs say:

[AuthDigestDomain]
This directive should always be specified and contain at least the (set of) 
root URI(s) for this space. Omitting to do so will cause the client to send 
the Authorization header for every request sent to this server.

So, let's simply omit the domain attribute if AuthDigestDomain isn't set. 
All guessing here leads to undefined behaviour. If we stop guessing 
AuthDigestDomain definitely defaults to "/".

nd
-- 
>kann mir jemand sagen, was genau @-Domains sind?
Ein Mythos. Ein Werbetrick. Verarsche. Nenn es wie du willst...

                 -- Alexandra Buss und Björn Höhrmann in dciwam

Mime
View raw message