redirection target is not access protected and pass it
to scripts using the REDIRECT_REMOTE_USER environment variable.
PR: 10678, 11602.
Reviewed by: Jeff Trawick, Justin Erenkrantz
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@100751
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.48
+ *) Remember an authenticated user during internal redirects if the
+ redirection target is not access protected and pass it
+ to scripts using the REDIRECT_REMOTE_USER environment variable.
+ PR 10678, 11602. [André Malo]
+
*) mod_include: Fix a trio of bugs that would cause various unusual
sequences of parsed bytes to omit portions of the output stream.
PR 21095. [Ron Park <ronald.park@cnet.com>, André Malo, Cliff Woolley]
APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2003/07/23 20:28:26 $]
+Last modified at [$Date: 2003/07/23 21:53:41 $]
Release:
modules/ssl/ssl_engine_vars.c: r1.24
+1: trawick, nd
- * pass REDIRECT_REMOTE_USER to the script if REMOTE_USER doesn't
- exist and the original request is protected.
- server/util_script.c: r1.82
- support/suexec.c: r1.27
- +1: nd, trawick, jerenkrantz
-
* use the appropriate folder icon, even if there's a directoryindex
listed file in the particular folder. PR 9587
modules/generators/mod_autoindex.c r1.120
if (r->user) {
apr_table_addn(e, "REMOTE_USER", r->user);
}
+ else if (r->prev) {
+ request_rec *back = r->prev;
+
+ while (back) {
+ if (back->user) {
+ apr_table_addn(e, "REDIRECT_REMOTE_USER", back->user);
+ break;
+ }
+ back = back->prev;
+ }
+ }
if (r->ap_auth_type) {
apr_table_addn(e, "AUTH_TYPE", r->ap_auth_type);
}
"REMOTE_PORT=",
"REMOTE_USER=",
"REDIRECT_QUERY_STRING=",
+ "REDIRECT_REMOTE_USER=",
"REDIRECT_STATUS=",
"REDIRECT_URL=",
"REQUEST_METHOD=",
projects / thirdparty / apache / httpd.git / commitdiff
