Message 76739 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	jjlee
Recipients	TFKyle, jjlee, orsenthil
Date	2008-12-02.13:45:58
SpamBayes Score	3.1063664e-05
Marked as misclassified	No
Message-id	<1228225560.1.0.617644119164.issue3819@psf.upfronthosting.co.za>
In-reply-to

Content
I agree this is a bug. Senthil -- re "1)", the paragraph you refer to (quoted by the OP) is relevant. The fact that it doesn't specifically mention redirection is not relevant. Re "2)": I don't know how digest auth works, but the paragraph you quote from appears to be there for explanation rather than for prescribing how digest auth or HTTP work (i.e. it appears to be "non-normative"). This bug doesn't say that redirected requests shouldn't contain the Authorization header. It says that the Authorization header for an old request shouldn't be sent with a new request (though it may turn out the new one is equal to the old one in some cases).

I agree this is a bug.

Senthil -- re "1)", the paragraph you refer to (quoted by the OP) is
relevant.  The fact that it doesn't specifically mention redirection is
not relevant.

Re "2)": I don't know how digest auth works, but the paragraph you quote
from appears to be there for explanation rather than for prescribing how
digest auth or HTTP work (i.e. it appears to be "non-normative").  This
bug doesn't say that redirected requests shouldn't contain the
Authorization header.  It says that the Authorization header for an old
request shouldn't be sent with a new request (though it may turn out the
new one is equal to the old one in some cases).

History
Date	User	Action	Args
2008-12-02 13:46:00	jjlee	set	recipients: + jjlee, orsenthil, TFKyle
2008-12-02 13:46:00	jjlee	set	messageid: <1228225560.1.0.617644119164.issue3819@psf.upfronthosting.co.za>
2008-12-02 13:45:59	jjlee	link	issue3819 messages
2008-12-02 13:45:58	jjlee	create