httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From iga...@apache.org
Subject svn commit: r1415961 - in /httpd/httpd/branches/2.4.x/docs/manual/mod: ./ mod_auth_digest.xml
Date Sat, 01 Dec 2012 09:53:55 GMT
Author: igalic
Date: Sat Dec  1 09:53:54 2012
New Revision: 1415961

URL: http://svn.apache.org/viewvc?rev=1415961&view=rev
Log:
merge r1415960

Modified:
    httpd/httpd/branches/2.4.x/docs/manual/mod/   (props changed)
    httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_digest.xml

Propchange: httpd/httpd/branches/2.4.x/docs/manual/mod/
------------------------------------------------------------------------------
  Merged /httpd/httpd/trunk/docs/manual/mod:r1415960

Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_digest.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_digest.xml?rev=1415961&r1=1415960&r2=1415961&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_digest.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_digest.xml Sat Dec  1 09:53:54 2012
@@ -71,60 +71,13 @@
 
     <note><title>Note</title>
     <p>Digest authentication is more secure than Basic authentication,
-    but only works with supporting browsers. As of September 2004, major
-    browsers that support digest authentication include <a
-    href="http://www.w3.org/Amaya/">Amaya</a>, <a
-    href="http://konqueror.kde.org/">Konqueror</a>, <a
-    href="http://www.microsoft.com/windows/ie/">MS Internet Explorer</a>
-    for Mac OS X and Windows (although the Windows version fails when
-    used with a query string -- see "<a href="#msie" >Working with MS
-    Internet Explorer</a>" below for a workaround), <a
-    href="http://www.mozilla.org">Mozilla</a>, 
-    Netscape 7, <a href="http://www.opera.com/">Opera</a>, and <a
-    href="http://www.apple.com/safari/">Safari</a>. <a
-    href="http://lynx.isc.org/">lynx</a> does <strong>not</strong>
-    support digest authentication. Since digest authentication is not as
-    widely implemented as basic authentication, you should use it only
-    in environments where all users will have supporting browsers.</p>
+    but only works with supporting browsers. As of this writing (December
+    2012) all major browsers support digest authentication.</p>
     <p><module>mod_auth_digest</module> only works properly on platforms
       where APR supports shared memory.</p>
     </note>
 </section>
 
-<section id="msie"><title>Working with MS Internet Explorer</title>
-    <p>The Digest authentication implementation in previous Internet
-    Explorer for Windows versions (5 and 6) had issues, namely that
-    <code>GET</code> requests with a query string were not RFC compliant.
-    There are a few ways to work around this issue.</p>
-
-    <p>
-    The first way is to use <code>POST</code> requests instead of
-    <code>GET</code> requests to pass data to your program.  This method
-    is the simplest approach if your application can work with this
-    limitation.
-    </p>
-
-    <p>Since version 2.0.51 Apache also provides a workaround in the
-    <code>AuthDigestEnableQueryStringHack</code> environment variable.
-    If <code>AuthDigestEnableQueryStringHack</code> is set for the
-    request, Apache will take steps to work around the MSIE bug and
-    remove the query string from the digest comparison.  Using this
-    method would look similar to the following.</p>
-
-    <example><title>Using Digest Authentication with MSIE:</title>
-    <highlight language="config">
-        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
-    </highlight>
-    </example>
-
-    <p>This workaround is not necessary for MSIE 7, though enabling it does
-    not cause any compatibility issues or significant overhead.</p>
-
-    <p>See the <directive module="mod_setenvif">BrowserMatch</directive>
-    directive for more details on conditionally setting environment
-    variables.</p>
-</section>
-
 
 <directivesynopsis>
 <name>AuthDigestProvider</name>



Mime
View raw message