aboutsummaryrefslogtreecommitdiffhomepage
path: root/assets
diff options
context:
space:
mode:
authorVirtualTam <virtualtam@flibidi.net>2018-03-22 22:23:41 +0100
committerVirtualTam <virtualtam@flibidi.net>2018-03-22 22:23:41 +0100
commit460cf03d6750cf9fa7e94de9af6fd66a704d6ee5 (patch)
tree607e005d6a0e3abc638201ecc1df598ebdecdcba /assets
parente54cb1bbe7500d5271d767a298cefbc85f904e0d (diff)
downloadShaarli-460cf03d6750cf9fa7e94de9af6fd66a704d6ee5.tar.gz
Shaarli-460cf03d6750cf9fa7e94de9af6fd66a704d6ee5.tar.zst
Shaarli-460cf03d6750cf9fa7e94de9af6fd66a704d6ee5.zip
httpd: always forward the 'Authorization' header
On some Apache HTTPD setups where the CGI/FastCGI mode is used, the HTTP header containing the JWT token is not forwarded, which results in the following error when attempting to use the REST API: "401 Not authorized: JWT token not provided" This patch allows forwarding the 'Authorization' header. An alternative would be to use the `CGIPassAuth` directive to allow all authorization headers to be forwarded. See: - https://secure.php.net/manual/en/features.http-auth.php#114877 - https://stackoverflow.com/questions/26475885/authorization-header-missing-in-php-post-request - https://stackoverflow.com/questions/13387516/authorization-header-missing-in-django-rest-framework-is-apache-to-blame - https://stackoverflow.com/questions/17018586/apache-2-4-php-fpm-and-authorization-headers - https://httpd.apache.org/docs/2.4/en/mod/core.html#cgipassauth Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'assets')
0 files changed, 0 insertions, 0 deletions