Can and X params in qry server response?


Status
Not open for further replies.

JJasonClark

Well-known member
Jul 1, 2019
56
11
github.com
The server responds with the next URL to use for the next post request in the qry value. Should this URL include the x param? Should this URL include the can param?

I was thinking that x value would not be sent as part of server responses because the SQRL client should already know what the authentication domain plus x part of path. And potential response qry values could have completely different paths. Including no longer using the initial prefix covered by the x value.

I would have assumed the can param would not even be sent to the SQRL server, but it is. Should the server reflect the value? Can the server change or drop the value and still have a fully functional client?
 
The server responds with the next URL to use for the next post request in the qry value. Should this URL include the x param? Should this URL include the can param?

I was thinking that x value would not be sent as part of server responses because the SQRL client should already know what the authentication domain plus x part of path. And potential response qry values could have completely different paths. Including no longer using the initial prefix covered by the x value.

I would have assumed the can param would not even be sent to the SQRL server, but it is. Should the server reflect the value? Can the server change or drop the value and still have a fully functional client?
Not sure what's intended but I do drop the x and can for the reasons you have provided and have no issues with the clients the ASP.net middleware been tested against.
 

Steve

Administrator
Staff member
May 6, 2018
1,016
307
www.grc.com
The server responds with the next URL to use for the next post request in the qry value. Should this URL include the x param? Should this URL include the can param?

I was thinking that x value would not be sent as part of server responses because the SQRL client should already know what the authentication domain plus x part of path. And potential response qry values could have completely different paths. Including no longer using the initial prefix covered by the x value.

I would have assumed the can param would not even be sent to the SQRL server, but it is. Should the server reflect the value? Can the server change or drop the value and still have a fully functional client?
Hey Jason! Welcome!!

Vela and Liam made me aware of your postings here. I created these forums primarily for user-facing discussion. It's great if developers wish to use them also for interaction, but I cannot be here as well as everywhere else. ANd the operation of these forums doesn't fit with my desire to use messages as placeholders. I depend upon the ability to mark things for follow-up and as "unread" so that I can return to them later.

So... allow me to urge you to come on over to the "grc.sqrl" newsgroup if you have any questions that need my attention. I =WILL= see them there. I won't see them here. (And this is not to suggest that the other devs here might not be able to answer all of your questions. If so, then great! :)

If you're interested:
  1. Find an NNTP Newsreader. I prefer Gravity, but Thunderbird has one built-in. And there are many others.
  2. Point it at the server at: news.grc.com
  3. Configure a strong, unguessable, and IDENTICAL username and password.
    (This identical username & password strongly prevents automated spamming of the newsgroups.)
  4. Make a test posting into the "grc.test" newsgroup, then send me a note to: news007@grc.com (the eMail address shown in my newsgroup posting headers. To let me know that all worked and I'll welcome you to the GRC.SQRL group! :)
Again... that's all optional. But you're 100% welcome to join us over where SQRL was born. :)

Thanks!
 
  • Like
Reactions: TechLiam

Steve

Administrator
Staff member
May 6, 2018
1,016
307
www.grc.com
Jason! I saw your successful posting to grc.test. You've got a newsreader configured correctly! Come on over to grc.sqrl and say hi! :)

And... welcome!! :)
 
  • Like
Reactions: JJasonClark
Status
Not open for further replies.