Tag Archives: HTTP

PHP: Authorization header missing on Apache

I’m using a simple PHP cross-domain-proxy to be able to do some Javascript requests towards an API on a different domain. Worked great, until I needed to do basic authentication. I set the appropriate header to be passed through, 'Authorization': 'Basic ' + btoa(username+':'+password), but in the proxy script, that header had vanished.

Turns out it was Apache stripping it away. Don’t know if it’s because of security or because Apache thinks that, hey, I’m the one dealing with this stuff so no point sending it to the script. Anyways, seems you can get it back by doing the following in an .htaccess file:

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Now the header is passed through to the API successfully and I’m no longer getting 401 Unauthorized back 🙂

IIS: Redirect HTTP to HTTPS

To cleanly redirect HTTP to HTTPS with IIS, first install the URL Rewrite module, and then add the following to your web.config. Also remember to have bindings defined for your site for both HTTPS(443) and HTTP(80).

<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

Source: StackOverflow

Apache: Redirect one domain to another

The following .htaccess redirects all traffic to a different domain and preserves the path.

RewriteEngine On
RewriteRule (.*) http://example.com/$1 [R=301,L]

The following redirects non-www to www version, also preserving the path.

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

And hopefully I’ll remember I put this here the next time I’ve forgotten how to do this…

Simple Meddler scripts for faking web service responses

I recently discovered Meddler which is an HTTP generator based on JScript. Since there were not many samples to find and Google wasn’t really of much help here, I figured I could share the scripts I write here. Maybe it helps someone out, and even more likely, I will probably have to look back at this at some time since I will forget 😛

Continue reading Simple Meddler scripts for faking web service responses