You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by no...@apache.org on 2007/12/02 06:33:14 UTC

svn commit: r600245 - /httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml

Author: noodl
Date: Sat Dec  1 21:33:12 2007
New Revision: 600245

URL: http://svn.apache.org/viewvc?rev=600245&view=rev
Log:
PR#44001 AuthDigestEnableQueryStringHack unnecessary for MSIE7.
Reported by: Takashi Sato <serai lans-tv.com>
Confirmed by: Vincent Jong <megaspaz tron.megaspaz.net> & noodl

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml?rev=600245&r1=600244&r2=600245&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml Sat Dec  1 21:33:12 2007
@@ -91,9 +91,9 @@
 </section>
 
 <section id="msie"><title>Working with MS Internet Explorer</title>
-    <p>The Digest authentication implementation in current Internet
-    Explorer for Windows implementations has known issues, namely that
-    <code>GET</code> requests with a query string are not RFC compliant.
+    <p>The Digest authentication implementation in previous Internet
+    Explorer for Windows versions (5 and 6) had issues, namely that
+    <code>GET</code> requests with a query string were not RFC compliant.
     There are a few ways to work around this issue.</p>
 
     <p>
@@ -107,12 +107,15 @@
     <code>AuthDigestEnableQueryStringHack</code> environment variable.
     If <code>AuthDigestEnableQueryStringHack</code> is set for the
     request, Apache will take steps to work around the MSIE bug and
-    remove the request URI from the digest comparison.  Using this
+    remove the query string from the digest comparison.  Using this
     method would look similar to the following.</p>
 
     <example><title>Using Digest Authentication with MSIE:</title>
     BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
     </example>
+
+    <p>This workaround is not necessary for MSIE 7, though enabling it does
+    not cause any compatibility issues or significant overhead.</p>
 
     <p>See the <directive module="mod_setenvif">BrowserMatch</directive>
     directive for more details on conditionally setting environment