VladPolskiy/apache-http-server
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-03 16:33:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

core: Add CGIPassAuth directive to control whether HTTP authorization

Browse Source 
headers are passed to scripts as CGI variables.

PR: 56855


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1642847 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jeff Trawick
2014-12-02 12:20:21 +00:00
parent 6b6f5649ab
commit d49e6f0ad9
6 changed files with 74 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/util_script.c
View File

@ -140,6 +140,8 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
apr_table_t *e;
server_rec *s = r->server;
conn_rec *c = r->connection;
core_dir_config *conf =
(core_dir_config *)ap_get_core_module_config(r->per_dir_config);
const char *env_temp;
const apr_array_header_t *hdrs_arr = apr_table_elts(r->headers_in);
const apr_table_entry_t *hdrs = (const apr_table_entry_t *) hdrs_arr->elts;
@ -188,7 +190,9 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
#ifndef SECURITY_HOLE_PASS_AUTHORIZATION
else if (!strcasecmp(hdrs[i].key, "Authorization")
|| !strcasecmp(hdrs[i].key, "Proxy-Authorization")) {
continue;
if (conf->cgi_pass_auth == AP_CGI_PASS_AUTH_ON) {
add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val);
}
}
#endif
else