<p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
<a href="../mod/mod_rewrite.html">reference documentation</a>.
It describes how one can use Apache's <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
- to solve typical URL-based problems webmasters are usually confronted
- with in practice. I give detailed descriptions on how to
+ to solve typical URL-based problems with which webmasters are
+ commonony confronted. We give detailed descriptions on how to
solve each problem by configuring URL rewriting rulesets.</p>
</div>
<p>The Apache module <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> is a killer
one, i.e. it is a really sophisticated module which provides
- a powerful way to do URL manipulations. With it you can nearly
- do all types of URL manipulations you ever dreamed about.
+ a powerful way to do URL manipulations. With it you can do nearly
+ all types of URL manipulations you ever dreamed about.
The price you have to pay is to accept complexity, because
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>'s major drawback is that it is
not easy to understand and use for the beginner. And even
<p>Here come a lot of practical solutions I've either invented
- myself or collected from other peoples solutions in the past.
+ myself or collected from other people's solutions in the past.
Feel free to learn the black magic of URL rewriting from
these examples.</p>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#msie">Working with MS Internet Explorer</a></li>
</ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li>
than Basic authentication, but only works with supporting
browsers. As of November 2002, the major browsers that support digest
authentication are <a href="http://www.opera.com/">Opera</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet
- Explorer</a> (fails when used with a query string), <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://www.mozilla.org">Mozilla</a> and <a href="http://channels.netscape.com/ns/browsers/download.jsp">Netscape</a> since version 7. Since digest authentication is not
+ Explorer</a> (fails when used with a query string - see the
+ <code class="directive"><a href="#authdigestenablequerystringhack ">AuthDigestEnableQueryStringHack
+ </a></code> option below for a workaround), <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://www.mozilla.org">Mozilla</a> and <a href="http://channels.netscape.com/ns/browsers/download.jsp">Netscape</a> since version 7. Since digest authentication is not
as widely implemented as basic authentication, you should use it only
in controlled environments.</p>
</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="msie" id="msie">Working with MS Internet Explorer</a></h2>
+ <p>The Digest authentication implementation in current Internet
+ Explorer implementations has known issues, namely that <code>GET</code>
+ requests with a query string are not RFC compliant. There are a
+ few ways to work around this issue.</p>
+
+ <p>
+ The first way is to use <code>POST</code> requests instead of
+ <code>GET</code> requests to pass data to your program. This method
+ is the simplest approach if your application can work with this
+ limitation.
+ </p>
+
+ <p>Apache also provides a workaround in the
+ <code>AuthDigestEnableQueryStringHack</code> environment variable.
+ If <code>AuthDigestEnableQueryStringHack</code> is true for the
+ request, Apache will take steps to work around the MSIE bug and
+ remove the request URI from the digest comparison. Using this
+ method would look similar to the following.</p>
+
+ <div class="example"><h3>Using Digest Authentication with MSIE:</h3><p><code>
+ BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
+ </code></p></div>
+
+ <p>See the <code class="directive"><a href="../mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code>
+ directive for more details on conditionally setting environment
+ variables</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2>
projects / thirdparty / apache / httpd.git / commitdiff
