Issue with HttpAuthDigestModule
francis at daoine.org
Sat Mar 9 17:58:56 UTC 2013
On Fri, Mar 08, 2013 at 06:41:46PM -0500, redleaderuk wrote:
> I think I've found the actual problem: having a querystring at the end of
> the URL stops the HttpAuthDigiestModule from working correctly.
> Can anyone shed any light on this please? I hope it's something I can fix
> via the config file but perhaps it's simply a limitation with the module
It looks to me like a problem with this third-party module.
It calculates a hash over r->uri, and compares it with the hash that the
browser calculated over its idea of the request. If you replace r->uri
with r->unparsed_uri and recompile, it will work for more requests.
The "right" fix is probably to use fields->uri instead, and then also
make sure that fields->uri and r->unparsed_uri correspond to the same
thing. That (in theory) should work for all requests, but would also
take longer to do right.
Francis Daly francis at daoine.org
More information about the nginx