https://issues.apache.org/bugzilla/show_bug.cgi?id=48982
Summary: FcgidPassHeader + PHP HTTP Authentication
Product: Apache httpd-2
Version: 2.2.15
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_fcgid
AssignedTo: [email protected]
ReportedBy: [email protected]
I dont know the FastCGI RFC, the fact is PHP expects the Authorization HTTP
request line for HTTP authentication in case sensitive way exactly as
HTTP_AUTHORIZATION. It is in sapi/cgi/cgi_main.c:
/* The CGI RFC allows servers to pass on unvalidated
Authorization data */
auth = sapi_cgibin_getenv("HTTP_AUTHORIZATION",
sizeof("HTTP_AUTHORIZATION")-1 TSRMLS_CC);
php_handle_auth_data(auth TSRMLS_CC);
If I pass this header using
FcgidPassHeader Authorization
It of course wont work. Right now I simply rewrited those constants in the PHP
source code, and it works like a charm:
auth = sapi_cgibin_getenv("Authorization",
sizeof("Authorization")-1 TSRMLS_CC);
php_handle_auth_data(auth TSRMLS_CC);
Please fix fcgid_add_cgi_vars by calling some upper case conversion and HTTP_
prefix concatenation functions, or tell me if its unambiguously a PHP bug, so i
start bugging the PHP developers.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
