www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Jae Weinstein <rw...@is7.nyu.edu>
Subject Re: config/3000: BrowserMatch(NoCase)/SetEnvIf(NoCase) allowed in htaccess
Date Thu, 03 Dec 1998 01:10:01 GMT
The following reply was made to PR config/3000; it has been noted by GNATS.

From: Randy Jae Weinstein <rw263@is7.nyu.edu>
To: Ken.Coar@Golux.Com
Cc: apbugs@Apache.Org
Subject: Re: config/3000: BrowserMatch(NoCase)/SetEnvIf(NoCase) allowed in htaccess
Date: Wed, 2 Dec 1998 20:03:25 -0500 (EST)

  You should be able to do this with BrowserMatch/SetEnfIf and
  mod_rewrite.  mod_rewrite allows you to make decisions based upon
  environment variables.
  
 Ken --
 What you CAN currently do now (and what I am doing) is something like
 this:
 --- .htaccess file contents ---------------------------------------------------
 satisfy all
 allow from all
 AuthType Basic
 AuthNameClass Transcripts
 AuthExternal kerbcheck
 require user ..... # list all valid users
 
 RewriteEngine on
 RewriteCond %{HTTP_USER_AGENT} MSIE             [OR]
 RewriteCond %{HTTP_USER_AGENT} !^Mozilla/[4-9]\.
 RewriteRule ^.* /~myid/Errors/BrowserCompatability.html [L]
 ------------------------------------------------------------------------------
 
 The problem with this is, since the authentication modules are carried out
 before the rewrite modules, one needs to authenticate first! If the user
 successfuly authenticates and is using a non-compatible browser an error
 message appears (waiste of an authentication).
 
 What I proposed, would stop this problem. It would allow something like:
 --- Proposed .htaccess file contents ------------------------------------------
 SetEnvIf HTTP_USER_AGENT "^Mozilla/[0-3]" Netscape
 <IfDefine Netscape>
  satisfy all
  allow from all
  AuthType Basic
  AuthNameClass Transcripts
  AuthExternal kerbcheck
  require user ..... # list all valid users
 </IfDefine>
 
 <IfDefine !Netscape>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} MSIE             [OR]
  RewriteCond %{HTTP_USER_AGENT} !^Mozilla/[4-9]\.
  RewriteRule ^.* /~myid/Errors/BrowserCompatability.html [L]
 </IfDefine>
 ------------------------------------------------------------------------------
 
 As you can see, if the netscape browser is noted, then the user is asked
 to authenticate, and if it is a non-netscape browswer, the user doesn't
 authenticate andjust receives an error message!
 
 This would be of great use to me and I'm sure would add the flexability
 that would allow others to make use of it to. My request calls for,
 SetEnvIf to be used in the htaccess file and allow IfDefine to accept the
 paramter-name from SetEnvIf. 
 
 -Cheers,
  RJW
 
 PS - Sorry I haven't replied to this in like 2 months, but I usually get
 emailed when the PR is replied to and that wasn't the case this time. :(.
 Anyway, I hope this _great_ feature can be implemented. The lower of the
 SetEnvIf shouldn't be hard (as the code is already written), and IfDefine
 or whatever it is to be called in this case should be hard to modify.
 THANKS FOR THE LOOK and the implementation :-)
 

Mime
View raw message