httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Malo ...@perlig.de>
Subject Re: [PATCH] mod_auth_digest.c -- EnableQueryStringHack
Date Mon, 09 Jun 2003 02:07:02 GMT
* Cliff Woolley wrote:

> On Sun, 8 Jun 2003, Paul Querna wrote:
> 
>> This Patch is setup to use a BrowserMatch directive to allow MSIE
>> clients to use Digest Authentication.
> 
> That's strange... I'd have sworn somebody already submitted just such a
> patch.  Might do us well to look back in the archives and find out what
> ever happened with that.

Just my opinion: I don't like it very much, since it decreases security and
violates the RFC very hard. The Client should be fixed, not the server.
...but I won't stand in the way if there are positive votes on it.

nd
-- 
$_=q?tvc!uif)%*|#Bopuifs!A`#~tvc!Xibu)%*|qsjou#Kvtu!A`#~tvc!KBQI!)*|~
tvc!ifmm)%*|#Qfsm!A`#~tvc!jt)%*|(Ibdlfs(~  # What the hell is JAPH? ;
@_=split/\s\s+#/;$_=(join''=>map{chr(ord(  #             André Malo ;
$_)-1)}split//=>$_[0]).$_[1];s s.*s$_see;  #  http://pub.perlig.de/ ;

Mime
View raw message