httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r1815599 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Date Fri, 17 Nov 2017 17:24:28 GMT
Author: jorton
Date: Fri Nov 17 17:24:27 2017
New Revision: 1815599

URL: http://svn.apache.org/viewvc?rev=1815599&view=rev
Log:
Add note on special character handling with FakeBasicAuth.

PR: 52644 

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1815599&r1=1815598&r2=1815599&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Fri Nov 17 17:24:27 2017
@@ -1473,6 +1473,13 @@ The available <em>option</em>s are:</p>
     directive within <module>mod_auth_basic</module> can be used as a more
     general mechanism for faking basic authentication, giving control over the
     structure of both the username and password.</p>
+
+    <note type="warning">
+      <p>The usernames used for <code>FakeBasicAuth</code> must not
+      include any non-ASCII characters, ASCII escape characters (such
+      a newline), or a colon.  If a colon is found, a 403 Forbidden
+      error will be generated with httpd 2.5.1 and later.</p>
+    </note>
 </li>
 <li><code>StrictRequire</code>
     <p>



Mime
View raw message