The following reply was made to PR config/3000; it has been noted by GNATS.
From: Randy Jae Weinstein <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: config/3000: BrowserMatch(NoCase)/SetEnvIf(NoCase) allowed in
htaccess
Date: Wed, 2 Dec 1998 20:03:25 -0500 (EST)
You should be able to do this with BrowserMatch/SetEnfIf and
mod_rewrite. mod_rewrite allows you to make decisions based upon
environment variables.
Ken --
What you CAN currently do now (and what I am doing) is something like
this:
--- .htaccess file contents ---------------------------------------------------
satisfy all
allow from all
AuthType Basic
AuthNameClass Transcripts
AuthExternal kerbcheck
require user ..... # list all valid users
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} MSIE [OR]
RewriteCond %{HTTP_USER_AGENT} !^Mozilla/[4-9]\.
RewriteRule ^.* /~myid/Errors/BrowserCompatability.html [L]
------------------------------------------------------------------------------
The problem with this is, since the authentication modules are carried out
before the rewrite modules, one needs to authenticate first! If the user
successfuly authenticates and is using a non-compatible browser an error
message appears (waiste of an authentication).
What I proposed, would stop this problem. It would allow something like:
--- Proposed .htaccess file contents ------------------------------------------
SetEnvIf HTTP_USER_AGENT "^Mozilla/[0-3]" Netscape
<IfDefine Netscape>
satisfy all
allow from all
AuthType Basic
AuthNameClass Transcripts
AuthExternal kerbcheck
require user ..... # list all valid users
</IfDefine>
<IfDefine !Netscape>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} MSIE [OR]
RewriteCond %{HTTP_USER_AGENT} !^Mozilla/[4-9]\.
RewriteRule ^.* /~myid/Errors/BrowserCompatability.html [L]
</IfDefine>
------------------------------------------------------------------------------
As you can see, if the netscape browser is noted, then the user is asked
to authenticate, and if it is a non-netscape browswer, the user doesn't
authenticate andjust receives an error message!
This would be of great use to me and I'm sure would add the flexability
that would allow others to make use of it to. My request calls for,
SetEnvIf to be used in the htaccess file and allow IfDefine to accept the
paramter-name from SetEnvIf.
-Cheers,
RJW
PS - Sorry I haven't replied to this in like 2 months, but I usually get
emailed when the PR is replied to and that wasn't the case this time. :(.
Anyway, I hope this _great_ feature can be implemented. The lower of the
SetEnvIf shouldn't be hard (as the code is already written), and IfDefine
or whatever it is to be called in this case should be hard to modify.
THANKS FOR THE LOOK and the implementation :-)
