MFH

diff --git a/sapi/apache2filter/sapi_apache2.c b/sapi/apache2filter/sapi_apache2.c
index cf26f0cc76a719e34beafc54fd0ed2295f4425d8..41c5588b2316f9e5afebbcd7f1c76a9ca330af75 100644 (file)
--- a/sapi/apache2filter/sapi_apache2.c
+++ b/sapi/apache2filter/sapi_apache2.c
@@ -388,7 +388,7 @@ static void php_apache_request_ctor(ap_filter_t *f, php_struct *ctx TSRMLS_DC)
        apr_table_unset(f->r->headers_out, "Expires");
        apr_table_unset(f->r->headers_out, "ETag");
        apr_table_unset(f->r->headers_in, "Connection");
-       if (!PG(safe_mode)) {
+       if (!PG(safe_mode) || (PG(safe_mode) && !ap_auth_type(r))) {
                auth = apr_table_get(f->r->headers_in, "Authorization");
                php_handle_auth_data(auth TSRMLS_CC);
        } else {

diff --git a/sapi/apache2handler/sapi_apache2.c b/sapi/apache2handler/sapi_apache2.c
index da085d376ca5d3416e6033a5e3b3b6eab975b4ea..a9ae55efb49a6d1d58fb021f3fdd12f9dc7d4f2d 100644 (file)
--- a/sapi/apache2handler/sapi_apache2.c
+++ b/sapi/apache2handler/sapi_apache2.c
@@ -422,7 +422,7 @@ static void php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC)
        apr_table_unset(r->headers_out, "Expires");
        apr_table_unset(r->headers_out, "ETag");
        apr_table_unset(r->headers_in, "Connection");
-       if (!PG(safe_mode)) {
+       if (!PG(safe_mode) || (PG(safe_mode) && !ap_auth_type(r))) {
                auth = apr_table_get(r->headers_in, "Authorization");
                php_handle_auth_data(auth TSRMLS_CC);
                ctx->r->user = apr_pstrdup(ctx->r->pool, SG(request_info).auth_user);