Proxy the BasicAuth authentication header in htaccess_works() so that

if the entire Gallery is behind BasicAuth we share the same credentials as the browser. Fixes #1413.
author: Bharat Mediratta <bharat@menalto.com> 2010-10-02 16:44:31 -0700
committer: Bharat Mediratta <bharat@menalto.com> 2010-10-02 16:44:31 -0700
commit: 161bbb9ba3fbc10cada28e4ce384a426cabc02d8 (patch)
tree: 6a8ebebe64e59349832e141171f30ae301b96b51 /modules/gallery/helpers
parent: 62f1bb06a21c3b07acf8005c30a5d856199d7424 (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php
index 52a36298..1a448e4a 100644
--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -727,8 +727,18 @@ class access_Core {
         fclose($fp);
       }
 
-      list ($response) = remote::do_request(url::abs_file("var/security_test/verify"));
-      $works = $response == "HTTP/1.1 200 OK";
+      // Proxy our authorization headers so that if the entire Gallery is covered by Basic Auth
+      // this callback will still work.
+      $headers = array();
+      if (function_exists("apache_request_headers")) {
+        $arh = apache_request_headers();
+        if (!empty($arh["Authorization"])) {
+          $headers["Authorization"] = $arh["Authorization"];
+        }
+      }
+      list ($status, $headers, $body) =
+        remote::do_request(url::abs_file("var/security_test/verify"), "GET", $headers);
+      $works = ($status == "HTTP/1.1 200 OK") && ($body == "success");
     } catch (Exception $e) {
       @dir::unlink(VARPATH . "security_test");
       throw $e;
author	Bharat Mediratta <bharat@menalto.com>	2010-10-02 16:44:31 -0700
committer	Bharat Mediratta <bharat@menalto.com>	2010-10-02 16:44:31 -0700
commit	161bbb9ba3fbc10cada28e4ce384a426cabc02d8 (patch)
tree	6a8ebebe64e59349832e141171f30ae301b96b51 /modules/gallery/helpers
parent	62f1bb06a21c3b07acf8005c30a5d856199d7424 (diff)