You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Nov 20, 2019. It is now read-only.
The scenario where you want to combine two authorization schemes is invalid. Browsers (when using basic auth) will send an Authorization header with each request. If the client code also uses an Authorization header the result is unpredictable. The RFC does not allow multiple authorization schemes using the Authorization header.
This will be a non-backward compatible change as applications would need to switch to X-Authorization or something similar if they wish to combine with basic auth.
The scenario where you want to combine two authorization schemes is invalid. Browsers (when using basic auth) will send an
Authorizationheader with each request. If the client code also uses anAuthorizationheader the result is unpredictable. The RFC does not allow multiple authorization schemes using theAuthorizationheader.This will be a non-backward compatible change as applications would need to switch to
X-Authorizationor something similar if they wish to combine with basic auth.