Apache strips out custom header
i have a wordpress site on our server which tries to communicate with a client thru REST APi
i'm using a JWT authentication plugin for Wordpress along with WP-REST API
so the problem is i have to add this lines to pass a custom headers to the plugin for a tokenverfication..
but when i tried to debug, then i got no such header Named Authorization in the Ajax request i made to the script/plugin. i used jquery and the following code to perform the ajax
In the browser debugging tool it showed that header named "Authorization" do exist.. But at the server side i got nothing named "Authorization".. used php code [PHP]getallheaders();[/PHP] to fetch headers.. So which stands for either apache is striping out the Headers or any other issue, kindly guide me SERVER CONFIG cPanel : 68 PHP : 7.1 with CGI Apache : mod_mpm_event + mod_cgid + mod_suexec Please feel free to ask if need any other info. thanks
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
but when i tried to debug, then i got no such header Named Authorization in the Ajax request i made to the script/plugin. i used jquery and the following code to perform the ajax
$.ajax({
type: "POST",
url: "URLHIDDEN",
headers: {
'Authorization': DATA,
},
success: function (response) {
console.log(response);
}, error: function(e){
console.log(e);
}
});In the browser debugging tool it showed that header named "Authorization" do exist.. But at the server side i got nothing named "Authorization".. used php code [PHP]getallheaders();[/PHP] to fetch headers.. So which stands for either apache is striping out the Headers or any other issue, kindly guide me SERVER CONFIG cPanel : 68 PHP : 7.1 with CGI Apache : mod_mpm_event + mod_cgid + mod_suexec Please feel free to ask if need any other info. thanks
-
PHP : 7.1 with CGI Apache : mod_mpm_event + mod_cgid + mod_suexec
Hello, Using CGI with Mod_Suexec can lead to stripped headers like you have described. Can you try switching to a different handler (e.g. suPHP) to verify if the issue persists? Additionally, you may need to add an entry like this in the .htaccess file:SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
Thank you.0 -
its a production server with over 500 accounts.. kindly let me know more about suPHP handler.. docs link will be perfect and if you then some brief pros and cons 0 -
Hello, We document the different available PHP handlers at: PHP Handlers - EasyApache 4 - cPanel Documentation For testing, you may want to consider enabling suPHP on a version of PHP that isn't widely used on the system (e.g. PHP 7.2), and then ensure the account you are testing with is assigned to that version of PHP. See: MultiPHP Manager for WHM - Version 70 Documentation - cPanel Documentation Thank you. 0 -
Well that a nice clever solution.. thanks for the help 0
Please sign in to leave a comment.
Comments
4 comments