Modified example for mod_rewrite to not add Authorization header if it is not set in the request

2012-05-22 14:38:37 +02:00 · 2012-05-22 14:38:37 +02:00 · 0935964b29
commit 0935964b29
parent 517ae43fe9
1 changed files with 3 additions and 1 deletions
--- a/src/Symfony/Component/HttpFoundation/ServerBag.php
+++ b/src/Symfony/Component/HttpFoundation/ServerBag.php
@ -44,11 +44,13 @@ class ServerBag extends ParameterBag
        } else {
            /*
             * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
-             * For this workaround to work, add this line to your .htaccess file:
+             * For this workaround to work, add these lines to your .htaccess file:
+             * RewriteCond %{HTTP:Authorization} ^(.+)$
             * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
             *
             * A sample .htaccess file:
             * RewriteEngine On
+             * RewriteCond %{HTTP:Authorization} ^(.+)$
             * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
             * RewriteCond %{REQUEST_FILENAME} !-f
             * RewriteRule ^(.*)$ app.php [QSA,L]