From: Igor Galić <igalic@apache.org>
Date: Sat, 1 Dec 2012 09:56:30 +0000 (+0000)
Subject: merge r1415960
X-Git-Tag: 2.2.24~76
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f64fc52027d5a3e0bfebf43eab11d5d892132921;p=thirdparty%2Fapache%2Fhttpd.git

merge r1415960

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1415962 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_auth_digest.xml b/docs/manual/mod/mod_auth_digest.xml
index 1ccfcf6e20b..ec1982e328f 100644
--- a/docs/manual/mod/mod_auth_digest.xml
+++ b/docs/manual/mod/mod_auth_digest.xml
@@ -71,57 +71,11 @@
 
     <note><title>Note</title> 
     <p>Digest authentication is more secure than Basic authentication,
-    but only works with supporting browsers. As of September 2004, major
-    browsers that support digest authentication include <a
-    href="http://www.w3.org/Amaya/">Amaya</a>, <a
-    href="http://konqueror.kde.org/">Konqueror</a>, <a
-    href="http://www.microsoft.com/windows/ie/">MS Internet Explorer</a>
-    for Mac OS X and Windows (although the Windows version fails when
-    used with a query string -- see "<a href="#msie" >Working with MS
-    Internet Explorer</a>" below for a workaround), <a
-    href="http://www.mozilla.org">Mozilla</a>, <a
-    href="http://channels.netscape.com/ns/browsers/download.jsp">
-    Netscape</a> 7, <a href="http://www.opera.com/">Opera</a>, and <a
-    href="http://www.apple.com/safari/">Safari</a>. <a
-    href="http://lynx.isc.org/">lynx</a> does <strong>not</strong>
-    support digest authentication. Since digest authentication is not as
-    widely implemented as basic authentication, you should use it only
-    in environments where all users will have supporting browsers.</p>
+    but only works with supporting browsers. As of this writing (December
+    2012) all major browsers support digest authentication.</p>
     </note>
 </section>
 
-<section id="msie"><title>Working with MS Internet Explorer</title>
-    <p>The Digest authentication implementation in previous Internet
-    Explorer for Windows versions (5 and 6) had issues, namely that
-    <code>GET</code> requests with a query string were not RFC compliant.
-    There are a few ways to work around this issue.</p>
-
-    <p>
-    The first way is to use <code>POST</code> requests instead of
-    <code>GET</code> requests to pass data to your program.  This method
-    is the simplest approach if your application can work with this
-    limitation.
-    </p>
-
-    <p>Since version 2.0.51 Apache also provides a workaround in the
-    <code>AuthDigestEnableQueryStringHack</code> environment variable.
-    If <code>AuthDigestEnableQueryStringHack</code> is set for the
-    request, Apache will take steps to work around the MSIE bug and
-    remove the query string from the digest comparison.  Using this
-    method would look similar to the following.</p>
-
-    <example><title>Using Digest Authentication with MSIE:</title>
-    BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
-    </example>
-
-    <p>This workaround is not necessary for MSIE 7, though enabling it does
-    not cause any compatibility issues or significant overhead.</p>
-
-    <p>See the <directive module="mod_setenvif">BrowserMatch</directive>
-    directive for more details on conditionally setting environment
-    variables.</p>
-</section>
-
 
 <directivesynopsis>
 <name>AuthDigestProvider</name>