cURL / Mailing Lists / curl-library / Single Mail


Re: Authentication procedure

From: Claes Jakobsson <>
Date: Tue, 7 Jan 2014 08:19:51 +0100


On 7 jan 2014, at 07:42, Shao, Shuchao <> wrote:
> Libcurl send the authentication data with the first GET request, it is not like the IE, firefox etc. IE (firefox etc.) send the authentication data after receiving the 407/401 response code.
> I think it is more reasonable send the authentication data after receiving 407/401 code. Consider the remote peer doesnít need authentication, it will make no sense sending the authentication
> with the first GET request.
> Seems it is very easy to change this behavior, just add a flag for if we receive the 407/401 code, and decide whether to send the authentication data on this flag. Do you think we need a patch for this change?

No, the current behavior is good and doesnít violate any specs. I donít see why we should resubmit the request and waste bandwidth. If you want the behavior you suggest itís easily implemented on your side.

List admin:
Received on 2014-01-07