[The syntax for auth-param of an Authorization header according to RFC 7235 Section 2.1](http://tools.ietf.org/html/rfc7235#section-2.1) is: ``` auth-param = token BWS "=" BWS ( token / quoted-string ) ``` and that [recipient MUST parse for such bad whitespace and remove it before interpreting the protocol element](http://tools.ietf.org/html/rfc7230#section-3.2.3). However webob doesn't remove the BWS (bad whitespace) around the equal sign: ``` In [1]: parse_auth_params('a= "2", b=3 , c =4') Out[1]: {'a': ' "2', 'b': '3 '} ``` Expected behavior: ``` In [2]: parse_auth_params('a= "2", b=3 , c =4') Out[2]: {'a': '2', 'b': '3', 'c': '4'} ```
The syntax for auth-param of an Authorization header according to RFC 7235 Section 2.1 is:
and that recipient MUST parse for such bad whitespace and remove it before interpreting the protocol element.
However webob doesn't remove the BWS (bad whitespace) around the equal sign:
Expected behavior: