PHP :: Bug #2727 :: Incorrect 401 Status Manipulation

Bug #2727	Incorrect 401 Status Manipulation
Submitted:	1999-11-15 20:20 UTC	Modified:	1999-11-16 00:35 UTC
From:	mike at vservers	Assigned:
Status:	Closed	Package:	Other
PHP Version:	4.0 Beta 2	OS:	BSDI 4.01
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	mike at vservers
New email:
PHP Version:		OS:

New Comment:

[1999-11-15 20:20 UTC] mike at vservers

Using Apache 1.3.1 and PHP 4.0b2:

If there's an Apache directive for a custom 401 authorization required) error page, and that error page file is a PHP file type, the PHP handler parses through the file and then changes the request status from 401 to 200.  

The result of this is that if you have a PHP enhanced 401 error page, PHP prevents your browser from requesting a password because it changes the request status from a 401 to a 200.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[1999-11-16 00:35 UTC] sas at cvs dot php dot net

Add a 

header("HTTP/1.0 401 Unauthorized");

to your script and it should work.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat May 10 02:01:26 2025 UTC