Search the Community
Showing results for tags 'php http header authorization'.
Found 1 result
In the default configuration the http-header "Authorization" is not passed to the fastcgi server. You could see this behavior in the mod_fastcgi documentation of the apache webserver. The REST-API of an installation of the Magento webstore software uses oauth. To fullfil the authorization steps they use the "Authorization" header. But this header isn't passed to the php process. So we've to append '-pass-header Authorization' to the FastCgiExternalServer configuration line to obtain a line like this: FastCgiExternalServer .../fpm.external -socket ../customer-php-fpm.socket -idle-timeout 180 -pass-header Authorization But I'm not sure if authorization-header passing is enabled we get some security constraints too. What do you think? Maybe we could open a feature/bug ticket for this case?