| Package home | Report new bug | New search | Development Roadmap | Status: Open | Feedback | All | Closed Since Version 1.0.0RC8 |
| Request #14141 | Add HTTP auth support for CGI | ||
|---|---|---|---|
| Submitted: | 2008-06-14 16:34 UTC | ||
| From: | yunosh | Assigned: | hholzgra |
| Status: | Assigned | Package: | HTTP_WebDAV_Server (version 1.0.0RC4) |
| PHP Version: | Irrelevant | OS: | |
| Roadmaps: | (Not assigned) | ||
[2008-06-14 16:34 UTC] yunosh
(Jan Schneider)
Description:
------------
Hi Hartmut,
the patch at http://janschneider.de/webdav_cgi.diff adds HTTP basic authentication support even when using PHP CGI.
Comments
[2008-06-15 10:31 UTC] hholzgra
(Hartmut Holzgraefe)
Hi Jan,
great, thanks! :)
I just have two questions on the patch that i can't answer myself by testing right now:
1) shouldn't PHP_AUTH_USER be checked with !isset(), not empty()?
with empty() the legal (but unlikely?) case of "0" being used as a user name would not be supported?
2) is it always _SERVER["Authorization"] or could there be differences in the name case, e.g. _SERVER["AUTHORIZATION"], too?
[2008-06-15 10:40 UTC] yunosh
(Jan Schneider)
Regarding isset() vs. empty() you are right.
Regarding the uppercase header name: I have only seen "Authorization" in the wild so far, and that's what we use in Horde's RPC server since a few years now, without any problems.