You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by Wild KArl-Heinz <kh...@pircher.at> on 1997/12/27 23:03:20 UTC

mod_auth-any/1601: Authentication Header send from Perl or Shell-Scripts

>Number:         1601
>Category:       mod_auth-any
>Synopsis:       Authentication Header send from Perl or Shell-Scripts
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sat Dec 27 14:10:01 PST 1997
>Last-Modified:
>Originator:     kh.wild@pircher.at
>Organization:
apache
>Release:        1.3b3
>Environment:
Linux wild 2.0.30 #150 Sun Jun 29 16:20:24 MEST 1997 i586 unknown
>Description:
It is not possible to send a 401 - Authentication header without receiving
an 500 Errorcode from the server.

A snip of a script:

  print "HTTP/1.0 401 Authentification\n";
  print "WWW-Authenticate: Basic\n\n";

A snip of error-log:

[error] malformed header from script. 
Bad header=HTTP/1.0 401 Authentification: /usr/local/httpd/cgi-bin/autho.pl
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]