Re: Mod_auth_digest URI Mismatch
Andr Malo wrote: * Rob Emanuele wrote: Any suggestions for a workaround? forms: use POST simple URLs: use mod_rewrite or something to provide the browser a URL without query strings. (client-side: use another browser ;-) Or, if you really really want to touch only Apache, and are willing to take the responsibility, do the following VERY CAREFULLY: off the record patch mod_auth_digest.c: d_uri.path[0] == '*' d_uri.path[1] == '\0')) + #ifdef NOT_FOR_ME /* check that query matches */ || (d_uri.query != r_uri.query (!d_uri.query || !r_uri.query || strcmp(d_uri.query, r_uri.query))) + #endif ) { /off the record And remember: you haven't heard it from me! ;-) -- Eli Marmor [EMAIL PROTECTED] CTO, Founder Netmask (El-Mar) Internet Technologies Ltd. __ Tel.: +972-9-766-1020 8 Yad-Harutzim St. Fax.: +972-9-766-1314 P.O.B. 7004 Mobile: +972-50-23-7338 Kfar-Saba 44641, Israel
Re: Mod_auth_digest URI Mismatch
* Rob Emanuele wrote: When using IE 6.0.2600 or the WinInet API which uses IE to retrieve data from a cgi that has params in the get request I get an error: Digest: uri mismatch - /cgi%2Dbin/get_age.pl does not match request-uri /cgi%2Dbin/get_age.pl?data=foo Is this a bug in the mod_auth_digest or in the way IE6 generates responses to a digest challenge? It's a bug in IE, see also the note at http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html#using If I look at the packets going across the wire the Autorization header definitely says uri=/cgi%2Dbin/get_age.pl. yes, that's the bug. The query string lacks. nd -- my @japh = (sub{q~Just~},sub{q~Another~},sub{q~Perl~},sub{q~Hacker~}); my $japh = q[sub japh { }]; print join # [ $japh =~ /{(.)}/] - [0] = map $_ - () #André Malo # = @japh;# http://www.perlig.de/ #
RE: Mod_auth_digest URI Mismatch
Thanks. I found that too. Is this listed anywhere in Microsoft's Knowledge Base? Any suggestions for a workaround? Praying for a hotfix, Rob -Original Message- From: André Malo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 17, 2002 10:26 AM To: [EMAIL PROTECTED] Subject: Re: Mod_auth_digest URI Mismatch * Rob Emanuele wrote: When using IE 6.0.2600 or the WinInet API which uses IE to retrieve data from a cgi that has params in the get request I get an error: Digest: uri mismatch - /cgi%2Dbin/get_age.pl does not match request-uri /cgi%2Dbin/get_age.pl?data=foo Is this a bug in the mod_auth_digest or in the way IE6 generates responses to a digest challenge? It's a bug in IE, see also the note at http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html#using If I look at the packets going across the wire the Autorization header definitely says uri=/cgi%2Dbin/get_age.pl. yes, that's the bug. The query string lacks. nd -- my @japh = (sub{q~Just~},sub{q~Another~},sub{q~Perl~},sub{q~Hacker~}); my $japh = q[sub japh { }]; print join # [ $japh =~ /{(.)}/] - [0] = map $_ - () #André Malo # = @japh;# http://www.perlig.de/ #
Re: Mod_auth_digest URI Mismatch
* Rob Emanuele wrote: Thanks. I found that too. Is this listed anywhere in Microsoft's Knowledge Base? hmm, don't know. Didn't find anything there. Any suggestions for a workaround? forms: use POST simple URLs: use mod_rewrite or something to provide the browser a URL without query strings. (client-side: use another browser ;-) nd -- Real programmers confuse Christmas and Halloween because DEC 25 = OCT 31. -- Unknown (found in ssl_engine_mutex.c)