HTTP Digest auth done IE-style
Date: Mon, 8 Dec 2008 23:54:22 +0100 (CET)
Since Internet Explorer did a broken HTTP digest authentication before v7,
there are servers "out there" that relies on the client doing this broken
Digest authentication (as brought up on the user's list just a week ago).
Apache even comes with an option to work with such broken clients.
I'm about to work on this issue, but I'm having a little trouble deciding
where/how to add the option that would switch libcurl to use the IE-style
instead of our regular style. The difference is only seen for URLs that
contain a query-part (a '?'-letter and text to the right of it).
So should I:
A) add a setopt() named something like CURLOPT_HTTPDIGEST_IESTYLE
B) add a new auth type for host+proxy auth that is named CURLAUTH_DIGEST_IE
that then would be a different digest than the regular CURLAUTH_DIGEST one?
C) something completely different
I'm currently leaning towards option (B) but I'm interested in thoughts or
general feedback on this.
-- / daniel.haxx.seReceived on 2008-12-09