[Wylug-help] HTTP authentication error redirector

Gary Stainburn gary.stainburn at ringways.co.uk
Fri, 24 Jan 2003 12:43:26 +0000 

On Friday 24 Jan 2003 12:28 pm, Gary Stainburn wrote:
> On Thursday 23 Jan 2003 10:41 pm, lotusblossom@blueyonder.co.uk wrote:
> > I could be wrong, but I think you just add it into the header:
> >
> > Replace your echo with :
> >
> > header("Location: http://www.stainburn.com/nymr/noentry.html?$secure");
> >
> > Hope this helps
> > Rachel
> > ---
> > Rachel Harding
> > mailto:LotusBlossom@Blueyonder.co.uk
>
> Hi Rachel,
>
> I've already tried that but it doesnt work. It simply actioned the
> Location: immediately without first prompting for the username and
> password.  (Also, the feedback form didn't render in IE!)
>
> Judging by the way wget behaves, this appears to be either because
> Apache/PHP seems to be sending the Location: header in preference to the
> other two headers, or the browser's and accepting it in preference.
>
> If I changed the header to echo it simply produced a text/plain document
> with the syntax showing.
>
> Both browsers behaved identically in all these tests.
>
> One thing I have thought about but I don't know how to do it is have a
> Javascript routine called when the page is loaded, and have it redirect the
> browser somehow.
>
> Anyone got suggestions?

Yes Gary, I've got one.  Have a go at :

__BEGIN__
  function getauth($realm) {
    if (!$realm) {
      $realm='Restricted NYMR';
    }
    global $secure;
    header("WWW-Authenticate: Basic realm=\"$realm\"");
    header('HTTP/1.0 401 Unauthorized');
    echo("<html><head><title>Unauthorised access</title></head>
<script type=\"text/javascript\" language=\"JavaScript\">

function gothere() {
  window.location.href=\"http://www.stainburn.com/nymr/noentry.html?$secure\";
}
</script>
      <body OnLoad=\"gothere()\"></body></html>");
    exit;
  }
__END__

I've tried this on Mozilla and IE5.5.

Gary

>
> Gary
>
> > Gary Stainburn <gary.stainburn@ringways.co.uk>
> > Sent by: wylug-help-admin@wylug.org.uk
> > 23/01/2003 17:00
> >
> >         To:     wylug-help@wylug.org.uk
> >         cc:
> >         Subject:        [Wylug-help] HTTP authentication error redirector
> >
> >
> > Hi folks,
> >
> > I've got the following code which works great on Netscape/Mozilla
> > browsers.
> > If the user hits the escape key at the user ID and password window, the
> > text
> > specified is rendered in the browser and the user is redirected to the
> > relevent error page.
> >
> > However, this doesn't work with MS browsers as they don't honour the
> > HTTP-EQUIV meta-tag.  Has anyone got a workaround that I could try?
> >
> >   function getauth($realm) {
> >     if (!$realm) {
> >       $realm='Restricted NYMR';
> >     }
> >     global $secure;
> >     header("WWW-Authenticate: Basic realm=\"$realm\"");
> >     header('HTTP/1.0 401 Unauthorized');
> >     echo("<html><head><title>Unauthorised access</title><meta
> > http-equiv=\"Location\"
> > content=\"http://www.stainburn.com/nymr/noentry.html?$secure\"></head><bo
> >dy
> >
> >></body></html>"); exit;
> >
> >   }

--
Gary Stainburn

This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000