* Jason A. Donenfeld <[email protected]> [2012-10-28]: > On Tue, Oct 16, 2012 at 3:15 AM, Valentin Haenel <[email protected]> > wrote: > > > > When cgit sits on a backend server and relies on a set of > > front-ends to do authentication, it will read the username > > from an environment variable defined by this option. > > > > In this way, one can safely use any forwarded HTTP header > > and not only the expected REMOTE_USER variable set by the > > CGI standard. > > > Why is this necessary at all? Won't helper programs be given the full > environment of the parent program (cgit<--cgi server), and so it can > be up to the helper script to determine the username by getting the > env var itself? The book keeping inside cgit in this patch seems > wasteful.
The only reason to fetch the remote_user would be to echo back an appropriate error message. V- _______________________________________________ cgit mailing list [email protected] http://hjemli.net/mailman/listinfo/cgit
