merb-auth: Pass response headers through to the application
Reported by Paul Sadauskas (Rando) | November 21st, 2008 @ 03:47 PM
In http digest auth, it is possible and advantageous to set an 'Authentication-Info' header with details that can be used by the client to pre-authorize for the next request. Currently, any headers that get set during a strategy are 'forgotten', and not available in the main merb application, and consequently doesn't make it back to the client. The patch makes that possible.