[Catalyst] Authorization header absent under mod_fcgi
Andy Grundman
andy at hybridized.org
Wed Mar 12 15:26:46 GMT 2008
On Mar 12, 2008, at 6:21 AM, Tom Ott wrote:
> Hi,
>
> Andy Grundman schrieb:
>> I'm going to look into this. I hope there's a sane way to get it
>> to work without having to special-case the Authorization header.
>
> See my posting "Engine::(Fast)CGI and Basic Auth in Apache 2" on
> 29.02.2008.
>
> In short: Catalyst::Engine::CGI does only copy environment settings
> =~ /^(?:HTTP|CONTENT|COOKIE)/i; whereas in Apache2 the env setting
> is called 'Authorization' and the FastCGI engine subclasses
> Catalyst::Engine::CGI.
>
> So basically one has to fix repare_headers() in
> Catalyst::Engine::CGI or subclass the FastCGI as a workaround.
Yeah, it's a bug in mod_fastcgi but we can work around it easily.
Lighttpd properly passes the header as HTTP_AUTHORIZATION. For
mod_fastcgi we'll have to do this:
if ( $env{Authorization} ) {
$env{HTTP_AUTHORIZATION} = delete $env{Authorization};
}
I have a patch and a test and will check it in soon.
More information about the Catalyst
mailing list