https://tools.ietf.org/html/rfc7617 This RFC describes how to implement Basic authentication for usernames and passwords that are not restricted to characters below U+0100. The BasicAuthenticator class should be updated to refer to RFC 7617 instead of the obsolete RFC 2617. The character set used in BasicAuthenticator class should be made configurable.
Fixed in: - trunk for 9.0.0.M27 onwards - 8.5.x for 8.5.21 onwards - 8.0.x for 8.0.47 onwards - 7.0.x for 7.0.82 onwards Note that it is disabled by default for all versions since browser support for RFC 7617 is very patchy.