New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow comma separated authentication headers #8889
Comments
care to share some code snippets? |
I believe the primary reason why this wasn't done was to allow people to disable the |
Would it be possible to allow user to disable it thru settings? So that other users can have the option to show the full header |
@kevin-brown |
django-rest-framework/rest_framework/views.py
Line 183 in 3f8ab53
Since
WWW-Authenticate
allows comma separated challenges https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate#syntax, why not enable that here by returning headers from all authenticators instead of just the first one?The text was updated successfully, but these errors were encountered: