Author mcepl
Recipients mcepl
Date 2013-11-04.19:26:53
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1383593213.58.0.82920866423.issue19494@psf.upfronthosting.co.za>
In-reply-to
Content
Also let me add from RFC 2617, end of section 2:

> A client MAY preemptively send the corresponding Authorization
> header with requests for resources in that space without
> receipt of another challenge from the server.  Similarly, when
> a client sends a request to a proxy, it may reuse a userid and
> password in the Proxy-Authorization header field without
> receiving another challenge from the proxy server. See section
> 4 for security considerations associated with Basic
> authentication.

So sending "Authorization" in the introductory request is not
only performance hack, but it is also anticipated by RFC.
History
Date User Action Args
2013-11-04 19:26:53mceplsetrecipients: + mcepl
2013-11-04 19:26:53mceplsetmessageid: <1383593213.58.0.82920866423.issue19494@psf.upfronthosting.co.za>
2013-11-04 19:26:53mcepllinkissue19494 messages
2013-11-04 19:26:53mceplcreate