httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mike McMullen" <>
Subject Re: [users@httpd] Fw: GET and auth_digest
Date Sun, 11 Apr 2004 01:15:17 GMT

----- Original Message ----- 
From: "Joshua Slive" <>
To: <>
Sent: Saturday, April 10, 2004 4:24 PM
Subject: Re: [users@httpd] Fw: GET and auth_digest

> On Sat, 10 Apr 2004, Mike McMullen wrote:
> > > I'm playing around with digest authentication and I am getting
> > > the following error when I try to run a simple CGI script:
> > >
> > > </~mlm/bin/testsh.cgi> does not match request-uri
> > > </~mlm/bin/testsh.cgi?../data/file1.dat>,
> > > referer:
> > >
> > > When I try this using basic authentication it works fine. When I
> > > reference basic documents like index.htm etc with digest it
> > > works fine.
> Have you tried with a different browser?  MSIE has a bug in its digest
> auth that makes it fail on any request with a query string.
> There is a workaround that lets you ignore this if
> the AuthDigestEnableQueryStringHack environment variable is defined
> (for example using BrowserMatch).  But I believe it is only in the
> development branch (2.1) and not in the released branch.  The patch is
> here:
> Joshua.
Hi Joshua. Thanks for the info. It looks like that is the case here.

Unfortunately I don't have control of the browsers that will be using the
CGI applications we provide clients. We would like to use auth_digest and
SSL for
security reasons. All of our customers are MSIE users and very

I'm fairly new to all this so if my questions seem a little dim, I
apologize. What alternatives
do I have to work around this? Does this require I use the development code
and build
my own server from source? I'm a little hesitant to do that in a production
environment. If there
is anyway I can change either CGI or setup to get it to work with digest?



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message