On Sun, Oct 11, 1998, Niklas Saers wrote:
> Hi. When I want to set the HTTP-header to UnAuthorized (with PHP) which
> works perfectly under Apache port 80. Using mod_ssl and port 443, however,
> fails: malformed header from script. Bad header=HTTP/1.0 401 Unathorized
>
> Anything I should know about SSL? I've noticed it doesn't care much for
> .htaccess-files either, so suddenly my 'secure' system opens up totally.
> ;) Strange world. :) Can anyone tell me a bit about this?
When Apache doesn't care about your .htaccess files this is either the
recently fixed problem (then upgrade to 1.3.3) or your AllowOverride
directives are too restrictive.
The other thing (the 401 Unauthorized header) should work under HTTPS, too. At
least I neither don't know where mod_ssl changes any HTTP protocol-specific
things nor any reasons why a 401 response shouldn't work under HTTPS. Actually
the internal HTTP response processing is done without any SSL-knowledge. So I
assume the problem is not really SSL-related. Instead its perhaps relates to
the way you configured your <VirtualHost>s etc.? Check this first, because
this is the configuration difference between HTTP and HTTPS.
Greetings,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
