[Web-SIG] HTTP headers encoding
Henry Precheur
henry at precheur.org
Thu Dec 3 20:26:28 CET 2009
On Thu, Dec 03, 2009 at 05:09:31PM +0100, Manlio Perillo wrote:
> This is really a mess.
RFC 2617 doesn't specify any encoding for its headers, so it should be
latin-1 everywhere. But on the web nobody respect standards.
> How is authorization username handled in common WSGI frameworks?
As far as I know, they don't handle this. They just return the string
without dealing with the encoding issues.
I think there is no correct way of handling this, because 99% of
username/password contain only ascii characters. A possible 'workaround'
would be to limit yourself to the ascii charset. If you get a non-ascii
character raise an Exception.
--
Henry Prêcheur
More information about the Web-SIG
mailing list