Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
net/http: Basic Auth header should not be case sensitive #22736
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
You state that rails/rails#21199 "incorrectly uses RFC 2617 section 1 as justification"; I would argue that the justification is entirely correct. RFC 2617 describes the framework of an authentication method and two specific schemes that use the framework . Since the framework definition in section 1.2 says it "uses an extensible, case-insensitive token to identify the authentication scheme", an individual scheme cannot change this and treat the token as case sensitive, nor does each defined scheme need to specify that the token is case insensitive.