https://issues.apache.org/bugzilla/show_bug.cgi?id=51138
--- Comment #5 from Jelmer Kuperus <jel...@jteam.nl> 2011-05-02 14:58:12 UTC --- Fine but then why is an Authorization header with a base64 encoded username and password allowed in tomcat. Base64 strings end with ==, and = is also a separator character per rfc2616 -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
