enderandpeter
commented
10 years ago So I think I'll also close this one for now until I figure out how to make a pull request that has just a single commit.
Closed enderandpeter closed 10 years ago
enderandpeter
commented
10 years ago So I think I'll also close this one for now until I figure out how to make a pull request that has just a single commit.
Wow... I'm not clear on why this request involves 14 previous commits since last April. I only meant to request a single change to a single file. Maybe I need to rebase at some point...?
Check out the previous discussion.
Anyway, I think this would be a nice feature to have so you could securely use this tool on a live web server. From what I understand, if either
$_SERVER['REMOTE_USER']is not empty or the key 'Authorization' exists in the array returned byapache_request_headers(), that should indicate successful HTTP authorization. Although it's possible that the server authenticated the user in a way that those values would not detect. Also, there could still be a way to spoof those values, but no method immediately comes to mind. What do you say?