Closed StanTwinB closed 8 years ago
A 302 redirect copies all of the headers from the original request, we should strip Authorization, because it shouldn't be included in the redirect's header since it was only relevant to the original request.
@NSProgrammer @kgoodier this is pretty high priority. It can break certain WebView specific authorization workflows.
+2
A 302 redirect copies all of the headers from the original request, we should strip Authorization, because it shouldn't be included in the redirect's header since it was only relevant to the original request.