edicl / drakma

HTTP client written in Common Lisp
http://edicl.github.io/drakma/

Remove Authorization: header on redirect. #102

Closed rwiker closed 4 years ago

rwiker commented 4 years ago

Most clients strip the Authorization header on redirects, for security reasons.

There is a recent IETF draft concerning redirects and authorization (https://tools.ietf.org/html/draft-williams-http-accept-auth-and-redirect-00) that should probably be included in future work on Drakma.
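
The header handling the issue asks for, as an added example that is not part of the original issue and is not Drakma's code. It is a Python sketch of general client behaviour. The function names, hosts and credential are constructed, and the default policy (strip only when the redirect leaves the original scheme/host/port) is an assumption; `strip_always=True` covers the unconditional reading of the issue title.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return (scheme, host, port), filling in the scheme's default port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def headers_for_redirect(request_url, location, headers, strip_always=False):
    """Return (next_url, headers) for the request that follows a redirect.

    Authorization is dropped when the target origin differs from the
    original one, or on every redirect when strip_always is set.
    """
    next_url = urljoin(request_url, location)  # Location may be relative
    same_origin = origin(request_url) == origin(next_url)
    if same_origin and not strip_always:
        return next_url, dict(headers)
    # Header names are case-insensitive, so compare in lower case.
    kept = {k: v for k, v in headers.items() if k.lower() != "authorization"}
    return next_url, kept


def demo():
    # Constructed sample data: placeholder hosts and a dummy credential.
    start = "https://api.example.test/v1/report"
    sent = {"Authorization": "Basic dXNlcjpwYXNz", "Accept": "*/*"}
    locations = [
        "/v2/report",                       # relative, same origin: kept
        "https://api.example.test:443/v2",  # explicit default port: kept
        "http://api.example.test/v2",       # scheme downgrade: stripped
        "https://cdn.example.net/v2",       # different host: stripped
    ]
    return [headers_for_redirect(start, loc, sent) for loc in locations]


if __name__ == "__main__":
    for url, hdrs in demo():
        print(url, sorted(hdrs))
```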