MFH: Made auth information inaccessible under safe mode

author Moriyoshi Koizumi <moriyoshi@php.net>

Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)

committer Moriyoshi Koizumi <moriyoshi@php.net>

Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)
author Moriyoshi Koizumi <moriyoshi@php.net>
Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)
committer Moriyoshi Koizumi <moriyoshi@php.net>
Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)
diff --git a/sapi/apache2filter/sapi_apache2.c b/sapi/apache2filter/sapi_apache2.c

index 052863d345376019787bd01d2e0fd090b2d9499d..09b5ce7b22700c5855cda6956c2e1daec9858aa1 100644 (file)
--- a/sapi/apache2filter/sapi_apache2.c
+++ b/sapi/apache2filter/sapi_apache2.c
@@ -369,8 +369,13 @@ static void php_apache_request_ctor(ap_filter_t *f, php_struct *ctx TSRMLS_DC)
         apr_table_unset(f->r->headers_out, "Expires");
         apr_table_unset(f->r->headers_out, "ETag");
         apr_table_unset(f->r->headers_in, "Connection");
-       auth = apr_table_get(f->r->headers_in, "Authorization");
-       php_handle_auth_data(auth TSRMLS_CC);
+       if (!PG(safe_mode)) {
+               auth = apr_table_get(f->r->headers_in, "Authorization");
+               php_handle_auth_data(auth TSRMLS_CC);
+       } else {
+               SG(request_info).auth_user = NULL;
+               SG(request_info).auth_password = NULL;
+       }
  
         php_request_startup(TSRMLS_C);
  }
author	Moriyoshi Koizumi <moriyoshi@php.net>
	Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)
committer	Moriyoshi Koizumi <moriyoshi@php.net>
	Sat, 21 Dec 2002 21:52:41 +0000 (21:52 +0000)