httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kfir Dadosh <dad...@checkpoint.com>
Subject RE: Safari - Why?
Date Sun, 05 Apr 2009 08:55:57 GMT
I know sometimes safari add spaces to the cookie value.
Try something like "^(.*)?logged_out= *1(.*)?$

I don't remember the syntax for space matching.

HTH,

Kfir

-----Original Message-----
From: Michele Waldman [mailto:mmwaldman@nyc.rr.com] 
Sent: Friday, April 03, 2009 10:09 PM
To: modules-dev@httpd.apache.org
Subject: Safari - Why?

I have a setenvif which works when using ie and ff, but not safari.  Since
it's on the server-side, I figured it should always work just as long as the
browser sets the HTTP Headers correctly.

SetEnvIf Cookie "logged_out=1" logged_out_env=1
Order Allow,Deny
Deny from env=logged_out_env

SetEnvIf Authorization "realm=\"account\"" logged_in_env=1
Order Allow,Deny
Allow from env=logged_in_env

I set the realm with htaccess digest and the cookie with php.

I've tried things like "^(.*)?logged_out=1(.*)?$", etc.

For some reason neither of these statements allow the user access when using
Safari, but if I turn the orders off and look at phpinfo, the headers look
like:

Cookie
__utmz=125407186.1238772749.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none
); PHPSESSID=sqh58tnkrkmb46o6bd1e60srq7; logged_out=0;
__utma=125407186.2910789677633345500.1238772749.1238783965.1238784122.7;
__utmc=125407186; __utmb=125407186.42.10.1238784122
Authorization	Digest username="auser", realm="account",
nonce="jpCKC6tmBAA=d6657424b87e5916af57b6184e62949d9638d4c6",
uri="/account/", response="b52f484b12096ec8b376349366616b95",
algorithm="MD5", cnonce="e3545cc852130483f1cc536f40f9c6ff", nc=00000001,
qop="auth"

Does anyone know why this wouldn't work?  It's throwing me for a loop.  What
is Safari doing?

Thanks,

Michele


Scanned by Check Point Total Security Gateway.

Mime
View raw message