Menu
I am attempting to create a REST API in PHP and I'd like to implement an authentication scheme similar to Amazon's S3 approach. This involves setting a custom 'Authorization' header in the request.
I had thought I would be able to access the header with $_SERVER['HTTP_AUTHORIZATION'], but it's nowhere to be found in var_dump($_SERVER). The apache_request_headers() function would solve my problem, but my host implements PHP as CGI, so it's unavailable.
Is there another way I can access the complete request headers in PHP?
921
You'll need to do some mod_rewrite wizardry to get your headers past the CGI barrier, like so:
RewriteEngine on
RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
<?php
$auth = $_SERVER['HTTP_AUTHORIZATION'];
?>
Note that if you're using mod_rewrite for other purposes, it could end up being $_SERVER['REDIRECT_HTTP_AUTHORIZATION'].
151
Try
$_ENV['HTTP_AUTHORIZATION']
When using CGI interface instead of Apache Module interface, HTTP headers should be available as environment variables.
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
