Closed jricher closed 7 years ago
if a client fails to send the text 'Basic' at the beginning of the auth header, the auth server code isn't smart enough to treat that as a bad request and tries to look up the client anyway.
if a client fails to send the text 'Basic' at the beginning of the auth header, the auth server code isn't smart enough to treat that as a bad request and tries to look up the client anyway.