cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Authentication procedure

From: Claes Jakobsson <claes_at_surfar.nu>
Date: Tue, 7 Jan 2014 08:19:51 +0100

Hi,

On 7 jan 2014, at 07:42, Shao, Shuchao <sshao_at_websense.com> wrote:
> Libcurl send the authentication data with the first GET request, it is not like the IE, firefox etc. IE (firefox etc.) send the authentication data after receiving the 407/401 response code.
> I think it is more reasonable send the authentication data after receiving 407/401 code. Consider the remote peer doesn�t need authentication, it will make no sense sending the authentication
> with the first GET request.
> Seems it is very easy to change this behavior, just add a flag for if we receive the 407/401 code, and decide whether to send the authentication data on this flag. Do you think we need a patch for this change?

No, the current behavior is good and doesn�t violate any specs. I don�t see why we should resubmit the request and waste bandwidth. If you want the behavior you suggest it�s easily implemented on your side.

/Claes
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-01-07

This message: [ Message body ]
Next message: Stefano D. Mtangoo: "Re: 421 I can't accept more than 5 connections as the same user"
Previous message: Shao, Shuchao: "Authentication procedure"
In reply to: Shao, Shuchao: "Authentication procedure"
Next in thread: Daniel Stenberg: "Re: Authentication procedure"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]