[英]PHP not see Authorization header
I have an application which use OAtuth2, and I recognized that there is a problem with Authorization header. Because in php script I can't read this header.我有一个使用 OAtuth2 的应用程序,我发现授权 header 有问题。因为在 php 脚本中我无法读取这个 header。
The header is sent correctly(Firebug.network): header 被正确发送(Firebug.network):
Accept application/json, text/plain, */*
Accept-Encoding gzip, deflate
Accept-Language pl,en-US;q=0.7,en;q=0.3
Authorization Bearer 3213826ad9147747f3927feca675e3aeee7d0306
Cache-Control max-age=0
Connection keep-alive
Cookie __utma=269300334.55671391.1445337979.1448456981.1453303397.4; __utmz=269300334.1453303397.4.3.utmcsr **strong text**=haynet.pl|utmccn=(referral)|utmcmd=referral|utmcct=/; _ga=GA1.2.55671391.1445337979; PHPSESSID=m3e64vsduq8vpacfhvnfka66k1; _gat=1
Host pze2.biuro.netivo.pl
Referer http://pze2.biuro.netivo.pl/
User-Agent Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
But when I'm calling getallheaders() function or apache_request_headers() function I don't see Authorization header,(response print from apache_request_headers()):但是当我调用 getallheaders() function 或 apache_request_headers() function 时,我没有看到授权 header,(来自 apache_request_headers() 的响应打印):
array(10) {
["Accept"]=>
string(33) "application/json, text/plain, */*"
["Accept-Encoding"]=>
string(13) "gzip, deflate"
["Accept-Language"]=>
string(23) "pl,en-US;q=0.7,en;q=0.3"
["Cache-Control"]=>
string(9) "max-age=0"
["Connection"]=>
string(10) "keep-alive"
["Cookie"]=>
string(230) "__utma=269300334.55671391.1445337979.1448456981.1453303397.4; __utmz=269300334.1453303397
.4.3.utmcsr=haynet.pl|utmccn=(referral)|utmcmd=referral|utmcct=/; _ga=GA1.2.55671391.1445337979; PHPSESSID
=m3e64vsduq8vpacfhvnfka66k1; _gat=1"
["Host"]=>
string(20) "pze2.biuro.netivo.pl"
["Referer"]=>
string(28) "http://pze2.biuro.netivo.pl/"
["User-Agent"]=>
string(73) "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"
["X-Prerender-Token"]=>
string(20) "rVnH5kFzvZM1HbRkqZDU"
}
Dumping $_SERVER var not see header too.转储 $_SERVER var 也看不到 header。
I tried adding some directives in htacces, but it still does'nt work:我尝试在 htacces 中添加一些指令,但它仍然不起作用:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
My entire.htaccess file and apache vhost:我的 entire.htaccess 文件和 apache 虚拟主机:
<IfModule mod_headers.c>
RequestHeader set X-Prerender-Token "rVnH5kFzvZM1HbRkqZDU"
</IfModule>
<IfModule mod_rewrite.c>
Options -Indexes
RewriteEngine On
Header add Access-Control-Allow-Origin: *
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header set Access-Control-Allow-Headers: "Authorization"
# www => http
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
<IfModule mod_proxy_http.c>
RewriteCond %{HTTP_USER_AGENT} baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Validator [NC,OR]
RewriteCond %{QUERY_STRING} _escaped_fragment_
# Only proxy the request to Prerender if it's a request for HTML
RewriteRule ^(?!.*?(\.js|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent|\.ttf|\.woff))(.*) http://service.prerender.io/http://pze2.biuro.netivo.pl/$2 [P,L]
</IfModule>
//Some rewrite rules making my app work
</IfModule>
<VirtualHost *:80>
ServerName pze2.biuro.netivo.pl
ServerAlias pze2.swmilib.pl
DocumentRoot /var/www/pze2/
CustomLog /var/log/apache2/pze2_access.log combined
ErrorLog /var/log/apache2/pze2_error.log
<IfModule log_forensic_module>
ForensicLog /var/log/apache2/pze_forensic.log
</IfModule>
</VirtualHost>
Please help, I have no idea why it's not working.请帮忙,我不知道为什么它不起作用。 Mayby it's server problem.
可能是服务器问题。 If so tell me how to fix it.
如果是这样告诉我如何解决它。 I have debian server with apache2.2.22 and PHP 5.6.13
我有 debian 服务器 apache2.2.22 和 PHP 5.6.13
OK I found an answer. 好的,我找到了答案。 For those who will look up form solution, just add to your htaccess:
对于那些将查找表单解决方案的人,只需添加到您的htaccess:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
In my case it helped. 在我看来,它有所帮助。
My solution: For versions above 7 it was to use REDIRECT_HTTP_AUTHORIZATION.我的解决方案:对于 7 以上的版本,它是使用 REDIRECT_HTTP_AUTHORIZATION。
$headers=apache_request_headers(); // php 5.6
if(phpversion()>7){
$headers['Authorization']=$_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.