...@nyc.rr.com]
Sent: Wednesday, April 22, 2009 7:46 PM
To: modules-dev@httpd.apache.org
Subject: RE: Location of Apache Modules
I don't think a checking to see if the logged in user name is different from
the credentials user is that much additional overhead.
M*
-Original Message-
From
on this thinking that it was going to be a quick fix.
Michele
-Original Message-
From: Eric Covener [mailto:cove...@gmail.com]
Sent: Tuesday, April 21, 2009 2:00 PM
To: modules-dev@httpd.apache.org
Subject: Re: Location of Apache Modules
On Tue, Apr 21, 2009 at 12:51 PM, Michele Waldman
: Michele Waldman [mailto:mmwald...@nyc.rr.com]
Sent: Wednesday, April 22, 2009 1:37 PM
To: modules-dev@httpd.apache.org
Subject: RE: Location of Apache Modules
I'm looking in modules/http/http_request.c.
Is this even in the right ballpark?
I'm hoping there's one if statement this call is failing
Subject: RE: Location of Apache Modules
Folks I've talked to just don't try to get htaccess to work with ajax
for the most part. They rely on php security.
That's probably because on the backend, they still need to handle
authorization. Unless all users to your backend should have equal access
Did your browser send digest credentials on the ajax request? You can
log %{Authorization}i in the access log to quickly tell.
Yes. The browser is sending the creditials. I did check this. That's what
was hanging me up.
If credentials were sent, can mod_log_config log a %u or were they
