cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: Digest authorized

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 1 Dec 2008 14:11:19 +0100 (CET)

On Mon, 1 Dec 2008, ???????? ?????? ????????? wrote:

> Header IE:
> ....
> uri="/Main.aspx",
> ....
>
> Header curl:
> ....
> uri="/Main.aspx?Method=List"
>
> Wrong uri -> Wrong response.

Ah now this rings a little bell in the back of my mind. Yuck. And out comes
evilness:

http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#msie

And the quote is:

   Since version 2.0.51 Apache also provides a workaround in the
   AuthDigestEnableQueryStringHack environment variable. If
   AuthDigestEnableQueryStringHack is set for the request, Apache will take
   steps to work around the MSIE bug and remove the query string from the
   digest comparison.

Also found this page with some other findings on HTTP Digest differences:

http://www.fngtps.com/2006/09/http-authentication

So, I would claim that we really can't fix this "properly" but we need to add
some kind of option for libcurl that tells it to do Digest like IE did before
version 7! :-( Can you think of any other way and if not, would you be able to
work on a patch for this?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2008-12-01

This message: [ Message body ]
Next message: �� : "RE: Digest authorized"
Previous message: �� : "RE: Digest authorized"
In reply to: �� : "RE: Digest authorized"
Next in thread: �� : "RE: Digest authorized"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]