W3C home > Mailing lists > Public > public-qa-dev@w3.org > April 2004

Re: [meeting] extra Action Item - 2004-04-20

From: Ville Skyttä <ville.skytta@iki.fi>
Date: Wed, 21 Apr 2004 23:44:00 +0300
To: Terje Bless <link@pobox.com>
Cc: QA Dev <public-qa-dev@w3.org>
Message-Id: <1082580239.5301.413.camel@bobcat.mine.nu>

On Wed, 2004-04-21 at 23:31, Terje Bless wrote:
> Ville Skyttä <ville.skytta@iki.fi> wrote:
> 
> >I tried adding it (see /etc/apache2/conf.d/wlc.conf), but for some
> >reason it still does not seem to work, while in my local Apache2
> >(2.0.48, Fedora Core 1) that same hack works just fine.
> 
> AFAIK, getting Apache to pass authentication info on to CGI space requires a
> compile-time option still;

If you are referring to the SECURITY_HOLE_PASS_AUTHORIZATION #define,
I'm pretty sure that distributors like Red Hat do not build their Apache
with it set...

I thought that the mod_rewrite hack deployed on v.w.o (and now at
qa-dev) should work everywhere.  It does here, anyway; and without the
hack, $ENV{HTTP_AUTHORIZATION} is never populated.

>  unless using the native Apache API (in which case
> you should be able to access it directly).

Yep, eg. under mod_perl one can do $r->header_in('Authorization').  This
is already done in checklink but it won't obviously work when it is run
as a ordinary CGI script.
Received on Wednesday, 21 April 2004 16:44:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 19 August 2010 18:12:44 GMT