On Mon, 26 Sep 2005, Mehmet Fidanboylu wrote:

>> I could possibly be persuaded into supporting multiple name/password pairs
>> based on realm or similar, but first I would like a good answer to why it
>> would be necessary!
>
> One thing I can think of is page forwards.. "When using HTTP and
> CURLOPT_FOLLOWLOCATION, libcurl might perform several requests to possibly
> different hosts. libcurl will only send this user and password information
> to hosts using the initial host name (unless CURLOPT_UNRESTRICTED_AUTH is
> set), so if libcurl follows locations to other hosts it will not send the
> user and password to those." This might be a limitation for some of the
> users of the library.

Not quite. It wouldn't completely limit users of the library. It would only
limit users to use the CURLOPT_FOLLOWLOCATION and at the same time support
(multiple) realms on the used sites.

Nothing prevents an app to make the location-following themselves, and thus do
the auth magic exactly as the app wants it.

If you provide a nice and clean patch for this, I promise I'll seriously
consider applying it.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html