The UMP spec says: [[ The user agent must not add any information obtained from: HTTP cookies, HTTP Auth headers, client certificates, or the referring resource, including its origin (other than the request parameters). ]]
Does this include the Proxy-Authorization header? If so, how can clients behind proxies that require authorization use web sites that depend on UMP? Adam
