Hello, while I'm working on the fix for the authentication I would like to remove one think that I don't like. The component will overwrite the Username and Password properties when an user and a password is specified in the url.
The problem is that when the user set another url without user and password then the properties mantains the values specified in the previous url. This will mean that it is possible that these values could be sent to the wrong server, and if a basic authentication is used, it could be a security issue. I would like to change this behaviour in the following way. The user will be get from url if present, otherwise from the Username property. The same for the password. The properties will be not changed anymore. Before doing this I want to hear the opinion of all developers that are in this mailing list, in particular if there are good reasons to do not apply these changes. The same logic will apply to Connection and ProxyConnection, but it's overwriting appeared very recently, so I don't think that it will break any existing code. More probably is true the opposite. Bye, Maurizio. ---------------------------------------------------- This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
