|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56923 weird behaviour involving http auth
Submitted: 2006-03-28 03:57 UTC Modified: 2006-03-28 04:13 UTC
From: judas dot iscariote at gmail dot com Assigned:
Status: Not a bug Package: APC (PECL)
PHP Version: 5_1 CVS-2006-03-28 OS: Linux amd64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: judas dot iscariote at gmail dot com
New email:
PHP Version: OS:


 [2006-03-28 03:57 UTC] judas dot iscariote at gmail dot com
Im using latest APC code from the CVS, and Im experimenting and strange behaviour, that sadly I don't know if you will be able to reproduce. :-)

this has been found only due casuality.

I opened apc.php in a firefox tab, and logged in, to look how my cache is working.

then In a second tab, I have opened a test installation of the very nice flux-cms.

to my surprise, it started asking for username and password,for repeated times ( and flux-cms doesn't use HTTP auth at all)
after a few tries, with bad, blank or just hitting cancel at the prompt,things becomes totally normal.

both apc.php and flux-cms are in the same host/virtual host.

PHP without apc loaded doesn't exbiit this weird behaviour..

seems APC is doing some strange thing with HTTP auth...

Reproduce code:
none currently

Expected result:
not asking for HTTP auth in places without it.

Actual result:
asking for username and password in places which doesn't have to.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2006-03-28 04:13 UTC]
That's extremely unlikely.  Outside of the apc.php script, there is absolutely nothing in APC that has anything to do with Auth stuff.  And the apc.php script is just a PHP script sending:

  Header("WWW-Authenticate: Basic realm=\"APC Login\"");
  Header("HTTP/1.0 401 Unauthorized");

Now, if you have some other code running on the same vhost, that code is going to see the Authentication headers sent by your browser.  My only thought is the presence of these headers is confusing your cms.  There is nothing here I can fix.  Either fix your cms, run apc.php in another vhost, or edit apc.php to remove those Auth headers.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Jun 02 16:03:42 2023 UTC