- From: Ville Skyttä <ville.skytta@iki.fi>
- Date: Wed, 21 Apr 2004 23:44:00 +0300
- To: Terje Bless <link@pobox.com>
- Cc: QA Dev <public-qa-dev@w3.org>
On Wed, 2004-04-21 at 23:31, Terje Bless wrote:
> Ville Skyttä <ville.skytta@iki.fi> wrote:
>
> >I tried adding it (see /etc/apache2/conf.d/wlc.conf), but for some
> >reason it still does not seem to work, while in my local Apache2
> >(2.0.48, Fedora Core 1) that same hack works just fine.
>
> AFAIK, getting Apache to pass authentication info on to CGI space requires a
> compile-time option still;
If you are referring to the SECURITY_HOLE_PASS_AUTHORIZATION #define,
I'm pretty sure that distributors like Red Hat do not build their Apache
with it set...
I thought that the mod_rewrite hack deployed on v.w.o (and now at
qa-dev) should work everywhere. It does here, anyway; and without the
hack, $ENV{HTTP_AUTHORIZATION} is never populated.
> unless using the native Apache API (in which case
> you should be able to access it directly).
Yep, eg. under mod_perl one can do $r->header_in('Authorization'). This
is already done in checklink but it won't obviously work when it is run
as a ordinary CGI script.
Received on Wednesday, 21 April 2004 16:44:09 UTC