PR#44001 AuthDigestEnableQueryStringHack unnecessary for MSIE7.

Reported by: Takashi Sato <serai lans-tv.com>
Confirmed by: Vincent Jong <megaspaz tron.megaspaz.net> & noodl

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600245 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/mod/mod_auth_digest.xml b/docs/manual/mod/mod_auth_digest.xml
index 53b89703d9868d0601de3975c2af01674d55a23e..5ea71370c4e7d4e276cd30115eb4b7138c06e1bb 100644 (file)
--- a/docs/manual/mod/mod_auth_digest.xml
+++ b/docs/manual/mod/mod_auth_digest.xml
@@ -91,9 +91,9 @@
 </section>
 
 <section id="msie"><title>Working with MS Internet Explorer</title>
-    <p>The Digest authentication implementation in current Internet
-    Explorer for Windows implementations has known issues, namely that
-    <code>GET</code> requests with a query string are not RFC compliant.
+    <p>The Digest authentication implementation in previous Internet
+    Explorer for Windows versions (5 and 6) had issues, namely that
+    <code>GET</code> requests with a query string were not RFC compliant.
     There are a few ways to work around this issue.</p>
 
     <p>
@@ -107,13 +107,16 @@
     <code>AuthDigestEnableQueryStringHack</code> environment variable.
     If <code>AuthDigestEnableQueryStringHack</code> is set for the
     request, Apache will take steps to work around the MSIE bug and
-    remove the request URI from the digest comparison.  Using this
+    remove the query string from the digest comparison.  Using this
     method would look similar to the following.</p>
 
     <example><title>Using Digest Authentication with MSIE:</title>
     BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
     </example>
 
+    <p>This workaround is not necessary for MSIE 7, though enabling it does
+    not cause any compatibility issues or significant overhead.</p>
+
     <p>See the <directive module="mod_setenvif">BrowserMatch</directive>
     directive for more details on conditionally setting environment
     variables</p>