[nycphp-talk] Why - Safari?

Michele Waldman mmwaldman at
Fri Apr 3 15:10:40 EDT 2009

I have a setenvif which works when using ie and ff, but not safari.  Since
it's on the server-side, I figured it should always work just as long as the
browser sets the HTTP Headers correctly.


SetEnvIf Cookie "logged_out=1" logged_out_env=1

Order Allow,Deny

Deny from env=logged_out_env


SetEnvIf Authorization "realm=\"account\"" logged_in_env=1

Order Allow,Deny

Allow from env=logged_in_env


I set the realm with htaccess digest and the cookie with php.


I've tried things like "^(.*)?logged_out=1(.*)?$", etc.  Both of these
statements deny access.


For some reason neither of these statements allow the user access when using
Safari, but if I turn the orders off and look at phpinfo, the headers look


); PHPSESSID=sqh58tnkrkmb46o6bd1e60srq7; logged_out=0;
__utmc=125407186; __utmb=125407186.42.10.1238784122

Authorization     Digest username="auser", realm="account",
uri="/account/", response="b52f484b12096ec8b376349366616b95",
algorithm="MD5", cnonce="e3545cc852130483f1cc536f40f9c6ff", nc=00000001,


Does anyone know why this wouldn't work?  It's throwing me for a loop.  What
is Safari doing?





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the talk mailing list