[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]
Synopsis: When using apache as a proxy, Proxy-authorization not passed to local
CGI
Comment-Added-By: coar
Comment-Added-When: Sun Sep 27 09:15:48 PDT 1998
Comment-Added:
[More information from submitter]
Ok a little follow up :
-----------------------
I solved the problem by using the following directive :
RewriteRule ^proxy:(http:.*) /cgi-bin/proxy.cgi?$1 [PT]
But, it showed me another problem. We have the followin config
Network===apache proxy======>proxy WITH authentification====internet
\\
==========>proxy WITHOUT authentification===other intranet
When we try to go out to the internet, the client receives an authentification
request. But when it answers, the Proxy-authorization field is blocked by
the apache proxy (modules/proxy/proxy_http.c). There should be a flag in
the ProxyRemote directive telling if a remote proxy should get the
authorization field or not... As a temporary patch, I removed some
code from modules/proxy/proxy_http.c, but ANY remote server receives the
authorization field which is NOT secure at all !
Paul
