[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-wget] [Bug-Wget] Handling of Multiple authorizations

From: Darshit Shah
Subject: [Bug-wget] [Bug-Wget] Handling of Multiple authorizations
Date: Tue, 30 Jul 2013 18:28:02 +0530

According to RFC 2617, the server may either send multiple WWW-Authenticate
Headers or a single WWW-Authenticate Header with multiple challenges. In
such a case, it is advisable to select the most secure protocol known by
the client for authentication.

Wget, however uses only the first challenge it sees and begins sending the
challenge response. This can be easily replicated through the
Test-auth-both test in the new Test Environment I'm writing and is
available at: https://www.github.com/darnir/wget-gsoc

My question is, are we interested in fixing this or do we just let it be?

Thanking You,
Darshit Shah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]