Note that both scheme and parameter names are matched case-insensitively.
One such library is lua-http (which I maintain): we had a bug report that our library wouldn't work with Jenkins
Daurn Imator
added a comment - From rfc7617:
Note that both scheme and parameter names are matched case-insensitively.
One such library is lua-http (which I maintain): we had a bug report that our library wouldn't work with Jenkins
It uses an extensible, case-insensitive token to identify the authentication scheme,…
So it's not new.
Daniel Beck
added a comment - RFC 2617 also says
It uses an extensible, case-insensitive token to identify the authentication scheme,…
So it's not new.
Oleg Nenashev
added a comment - There was a pull request for it: https://github.com/jenkinsci/jenkins/pull/2913 . But the author has not finalized it. Anybody can take it from there though
Seems to be a reasonable change.
Could you please provide some info about clients which send such headers?