If-None-Match header - Sending multiple Etags doesn't work if unauthenticated

GitHub documentation about conditional requests.

If-None-Match syntax for sending multiple Etags (from Mozilla docs):

If-None-Match: "<etag_value>", "<etag_value>", …

Authenticated:

The Etag here is specific to my credentials, use curl -I to see the Etag for you:

$ curl -v https://api.github.com/repos/facebookresearch/madgrad/tags \
-u {USERNAME}:{TOKEN} -H "Accept: application/vnd.github.full+json" \
-H 'If-None-Match: "838051ea80e86185577f1f55721b290283dc6e4832152447304c68473a06ee71", "12345"'

(curl -v is used to see headers being sent; > is sent to server, < is received)

Partial output:

> if-none-match: "838051ea80e86185577f1f55721b290283dc6e4832152447304c68473a06ee71", "12345"
< HTTP/2 304
< etag: "838051ea80e86185577f1f55721b290283dc6e4832152447304c68473a06ee71"

Not authenticated:

$ curl -v https://api.github.com/repos/facebookresearch/madgrad/tags \
-H "Accept: application/vnd.github.full+json" \
-H 'If-None-Match: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da", "12345"'

Partial output, notice it sent back the normal HTTP 200:

> if-none-match: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da",  "12345"
< HTTP/2 200
< etag: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da"

Not authenticated, sending only one Etag:

$ curl -v https://api.github.com/repos/facebookresearch/madgrad/tags \
-H "Accept: application/vnd.github.full+json" \
-H 'If-None-Match: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da"'

Partial output:

> if-none-match: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da"
< HTTP/2 304
< etag: "1bce01d6d3824e099c57a80405407209c46e8c466384c77b882a0ba7b6bf70da"

The example URL I used was a tags request for a repo without any (so an empty response), but some brief tests seem to show the same results for repos with tags, releases requests, and release assets.