MFH: Made auth information inaccessible under safe mode

author: Moriyoshi Koizumi <moriyoshi@php.net> 2002-12-21 21:52:41 +0000
committer: Moriyoshi Koizumi <moriyoshi@php.net> 2002-12-21 21:52:41 +0000
commit: 6e2cd3fcfe5bc7ca93d88fcda681af16590b9602 (patch)
tree: c2ee0a7cbc58b34b103e85f49fc66b6219a89d54
parent: b686c05f3b0b48967990a9dada79c200191578e2 (diff)
download: php-git-6e2cd3fcfe5bc7ca93d88fcda681af16590b9602.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/sapi/apache2filter/sapi_apache2.c b/sapi/apache2filter/sapi_apache2.c
index 052863d345..09b5ce7b22 100644
--- a/sapi/apache2filter/sapi_apache2.c
+++ b/sapi/apache2filter/sapi_apache2.c
@@ -369,8 +369,13 @@ static void php_apache_request_ctor(ap_filter_t *f, php_struct *ctx TSRMLS_DC)
 	apr_table_unset(f->r->headers_out, "Expires");
 	apr_table_unset(f->r->headers_out, "ETag");
 	apr_table_unset(f->r->headers_in, "Connection");
-	auth = apr_table_get(f->r->headers_in, "Authorization");
-	php_handle_auth_data(auth TSRMLS_CC);
+	if (!PG(safe_mode)) {
+		auth = apr_table_get(f->r->headers_in, "Authorization");
+		php_handle_auth_data(auth TSRMLS_CC);
+	} else {
+		SG(request_info).auth_user = NULL;
+		SG(request_info).auth_password = NULL;
+	}
 
 	php_request_startup(TSRMLS_C);
 }
author	Moriyoshi Koizumi <moriyoshi@php.net>	2002-12-21 21:52:41 +0000
committer	Moriyoshi Koizumi <moriyoshi@php.net>	2002-12-21 21:52:41 +0000
commit	6e2cd3fcfe5bc7ca93d88fcda681af16590b9602 (patch)
tree	c2ee0a7cbc58b34b103e85f49fc66b6219a89d54
parent	b686c05f3b0b48967990a9dada79c200191578e2 (diff)
download	php-git-6e2cd3fcfe5bc7ca93d88fcda681af16590b9602.tar.gz