Issue #670454 by pwolanin, cburschka, effulgentsia: Support HTTP Auth…

…orization in CGI environments.
kalamuna · Aug 5, 2013 · 7a036f1 · 7a036f1
1 parent f58bc6a
commit 7a036f1
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/.htaccess b/.htaccess
@@ -63,6 +63,10 @@ DirectoryIndex index.php index.html index.htm
   RewriteCond %{HTTPS} on
   RewriteRule ^ - [E=protossl:s]
 
+  # Make sure Authorization HTTP header is available to PHP
+  # even when running as CGI or FastCGI.
+  RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
   # Block access to "hidden" directories whose names begin with a period. This
   # includes directories used by version control systems such as Subversion or
   # Git to store control files. Files whose names begin with a period, as well

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
@@ -1,6 +1,8 @@
 
 Drupal 7.23, xxxx-xx-xx (development version)
 -----------------------
+- Changed the default .htaccess file to support HTTP authorization in CGI
+  environments.
 - Changed the password reset form to pre-fill the username when requested via a
   URL query parameter, and used this in the error message that appears after a
   failed login attempt (minor data structure and behavior change).