From f7efd0b387b7bdbfe0fd1e38fe6b7d4a812b4e39 Mon Sep 17 00:00:00 2001 From: Roy-Orbison Date: Wed, 20 Nov 2019 15:04:29 +1030 Subject: [PATCH 1/2] Simpler example for Apache basic auth workaround Uses a simpler regex and existing back-reference instead of reading header twice. --- ServerBag.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ServerBag.php b/ServerBag.php index 4c82b1774..f3b640234 100644 --- a/ServerBag.php +++ b/ServerBag.php @@ -46,13 +46,13 @@ public function getHeaders() /* * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default * For this workaround to work, add these lines to your .htaccess file: - * RewriteCond %{HTTP:Authorization} ^(.+)$ - * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] + * RewriteCond %{HTTP:Authorization} .+ + * RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0] * * A sample .htaccess file: * RewriteEngine On - * RewriteCond %{HTTP:Authorization} ^(.+)$ - * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] + * RewriteCond %{HTTP:Authorization} .+ + * RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0] * RewriteCond %{REQUEST_FILENAME} !-f * RewriteRule ^(.*)$ app.php [QSA,L] */ From d2d0cfe8e319d9df44c4cca570710fcf221d4593 Mon Sep 17 00:00:00 2001 From: Thomas Bisignani Date: Thu, 28 Nov 2019 13:52:59 +0100 Subject: [PATCH 2/2] [HttpFoundation] Fixed typo --- BinaryFileResponse.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BinaryFileResponse.php b/BinaryFileResponse.php index f43114111..ea7ac8469 100644 --- a/BinaryFileResponse.php +++ b/BinaryFileResponse.php @@ -348,7 +348,7 @@ public static function trustXSendfileTypeHeader() } /** - * If this is set to true, the file will be unlinked after the request is send + * If this is set to true, the file will be unlinked after the request is sent * Note: If the X-Sendfile header is used, the deleteFileAfterSend setting will not be used. * * @param bool $shouldDelete