如何访问未出现在 $_SERVER 中的请求标头? [英] How can I access request headers that don't appear in $_SERVER?

问题描述

我正在尝试在 PHP 中创建一个 REST API，并且我想实现一个类似于 Amazon 的 S3 方法的身份验证方案.这涉及在请求中设置自定义授权"标头.

I am attempting to create a REST API in PHP and I'd like to implement an authentication scheme similar to Amazon's S3 approach. This involves setting a custom 'Authorization' header in the request.

我原以为可以使用 $_SERVER['HTTP_AUTHORIZATION'] 访问标头，但在 var_dump($_SERVER) 中找不到它.apache_request_headers() 函数可以解决我的问题，但是我的主机将 PHP 实现为 CGI，所以它不可用.

I had thought I would be able to access the header with $_SERVER['HTTP_AUTHORIZATION'], but it's nowhere to be found in var_dump($_SERVER). The apache_request_headers() function would solve my problem, but my host implements PHP as CGI, so it's unavailable.

还有其他方法可以访问 PHP 中的完整请求标头吗?

Is there another way I can access the complete request headers in PHP?

推荐答案

你需要做一些 mod_rewrite 魔法来让你的标题通过 CGI 障碍，像这样:

You'll need to do some mod_rewrite wizardry to get your headers past the CGI barrier, like so:

RewriteEngine on
RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

<?php
    $auth = $_SERVER['HTTP_AUTHORIZATION'];
?>

请注意，如果您将 mod_rewrite 用于其他目的，它最终可能是 $_SERVER['REDIRECT_HTTP_AUTHORIZATION'].

Note that if you're using mod_rewrite for other purposes, it could end up being $_SERVER['REDIRECT_HTTP_AUTHORIZATION'].

这篇关于如何访问未出现在 $_SERVER 中的请求标头?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！