On Mon, 28 Mar 2022 08:22:26 GMT, Michael McMahon <micha...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/net/www/protocol/http/DigestAuthentication.java
>> line 524:
>>
>>> 522: }
>>> 523:
>>> 524: boolean session = algorithm.endsWith ("-sess");
>>
>> should that be `digest.endsWith("-sess");` ?
>
> No, the digest field refers to the actual message digest algorithm (as known
> to the security libraries). The algorithm field holds the algorithm name as
> it is defined in RFC7616.
I am confused here - because you converted `algorithm` to upper case, so it
should never end with `-sess`?
-------------
PR: https://git.openjdk.java.net/jdk/pull/7688
