From: "Shawn O. Pearce" <spearce@xxxxxxxxxxx> Signed-off-by: Tay Ray Chuan <rctay89@xxxxxxxxx> -- To Shawn: sign-off-by needed. Based on the discussion in <20091009195035.GA15153@xxxxxxxxxxxxxxxxxxxxxxx>, <20091015165228.GO10505@xxxxxxxxxxx> (patch), <20091015173902.GA22262@xxxxxxxxxxxxxxxxxxxxx> (agreement) From: "Shawn O. Pearce" <spearce@xxxxxxxxxxx> Message-ID: <20091015165228.GO10505@xxxxxxxxxxx> I weakend the sections on cookies: + Authentication + -------------- .... + Servers SHOULD NOT require HTTP cookies for the purposes of + authentication or access control. and that's all we say on the matter. I took out the Servers MUST NOT line under session state. --- Documentation/technical/http-protocol.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/technical/http-protocol.txt b/Documentation/technical/http-protocol.txt index 412b898..2382384 100644 --- a/Documentation/technical/http-protocol.txt +++ b/Documentation/technical/http-protocol.txt @@ -52,7 +52,7 @@ Clients SHOULD support Basic authentication as described by RFC 2616. Servers SHOULD support Basic authentication by relying upon the HTTP server placed in front of the Git server software. -Servers MUST NOT require HTTP cookies for the purposes of +Servers SHOULD NOT require HTTP cookies for the purposes of authentication or access control. Clients and servers MAY support other common forms of HTTP based -- 1.8.4.rc4.527.g303b16c -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html