| simp@php.net 2006-05-09, 6:58 pm |
| ID: 37371
Updated by: simp@php.net
Reported By: cyberscribe@php.net
-Status: Open
+Status: Verified
Bug Type: Documentation problem
Operating System: n/a
PHP Version: Irrelevant
-Assigned To:
+Assigned To: simp
New Comment:
You're right. RFC 2617 also says so:
"It uses an extensible, case-insensitive token to identify the
authentication scheme, followed by a comma-separated list of
attribute-value pairs which carry the parameters necessary for
achieving authentication via that scheme."
Previous Comments:
------------------------------------------------------------------------
[2006-05-08 22:46:06] cyberscribe@php.net
Description:
------------
In the Digest example on
http://php.net/features.http-auth
the auth, qop, nonce, and opaque values for the WWW-Authenticate header
are not separated by commas.
This works fine for browsers like Firefox, but does not work when
authenticating with Internet Explorer or Opera. So, for maximum
compatability, be sure to separate the key/value pair elements of the
WWW-Authenticate header with commas.
I'm not sure what the RFCs say; I just know what works.
And I think it's strange that the comment I posted with the same
information was deleted -- since it could save someone like me in a
similar situation a lot of pain and frustration until someone on the
Doc team gets around to changing this...
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=37371&edit=1
|