[Io] Re: Web Clients (was Re: Monticello authentication methods?)
Ken Causey
ken at kencausey.com
Thu Sep 14 23:32:11 UTC 2006
On Thu, 2006-09-14 at 16:16 -0700, Todd Blanchard wrote:
> Oh, I thought we had decided on the HC client. Although, I confess
> I've been looking at both. Would the right thing to do be to just
> pick one and replace the existing HTTPSocket implementation with it?
I think anyone who provides a finished solution that is any appreciable
amount better than the current solution will be welcomed. If you have
an interest in putting the time into it then I applaud you and will
likely support any solution you come up with.
> I really would like to see HTTPSocket die and I'm sorry I didn't
> follow through on that last spring. For some reason I thought you
> were talking with the author of one or the other packages and getting
> clearance for inclusion.
No need to apologize, it doesn't appear that any of the rest of us have
put forth any more time or effort into this issue. I think though if
you go back to the discussion in April
http://lists.squeakfoundation.org/pipermail/io/2006-April/date.html
you will find that the clearance was provided
http://lists.squeakfoundation.org/pipermail/io/2006-April/000105.html
and if you drill down to the current release it lists SqueakL as the
license
http://map.squeak.org/package/8644a5ff-923c-438f-b5b0-a281de346040/autoversion/1
Let me note however that I merely pursued this to remove that particular
impediment to it being considered along with the other options. I
didn't evaluate it any further and certainly did not mean to indicate
that I preferred it above any of the other solutions.
Ken
>
> On Sep 14, 2006, at 8:58 AM, Ken Causey wrote:
>
> > There was discussion of replacing it within the IO team, but never any
> > decision as to what to replace it with. That was back in April and
> > there's been no further discussion or action since then that I'm aware
> > of.
> >
> > Ken
> >
> > On Thu, 2006-09-14 at 01:23 -0700, Todd Blanchard wrote:
> >> I was under the impression we were going to deprecate that stuff in
> >> favor of the Steve Waring's http client package.
> >>
> >> Right Ken?
> >>
> >> -Todd Blanchard
> >>
> >> On Sep 13, 2006, at 11:21 PM, stephane ducasse wrote:
> >>
> >>> So why a group of guy start to fix it!
> >>> Let's try to step by step little peeble by little peeble
> >>> improve...No giant step just a tiny and simple one
> >>>
> >>>>> Note that this is not doing you any good security-wise, because
> >>>>> MC will
> >>>>> send the basic-auth user:password anyway, and only if that fails,
> >>>>> digest
> >>>>> is tried. HTTPSocket authentication needs to be completely
> >>>>> reworked.
> >>>>
> >>>> Not only authentication, everything. The whole class is just awful.
> >>>>
> >>>> Philippe
> >>>>
> >>>
> >>>
> >>
> >>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.squeakfoundation.org/pipermail/io/attachments/20060914/8e8ded0d/attachment.pgp
More information about the Io
mailing list