如何访问$ _SERVER中未出现的请求标头? [英] How can I access request headers that don't appear in $_SERVER?
问题描述
我正在尝试在PHP中创建REST API,我想实现类似于Amazon S3方法的身份验证方案。这涉及在请求中设置自定义授权标头。
I am attempting to create a REST API in PHP and I'd like to implement an authentication scheme similar to Amazon's S3 approach. This involves setting a custom 'Authorization' header in the request.
我以为我可以使用$ _SERVER ['HTTP_AUTHORIZATION']访问标头,但它是在var_dump($ _ SERVER)中找不到任何地方。 apache_request_headers()函数可以解决我的问题,但是我的主机将PHP实现为CGI,因此它不可用。
I had thought I would be able to access the header with $_SERVER['HTTP_AUTHORIZATION'], but it's nowhere to be found in var_dump($_SERVER). The apache_request_headers() function would solve my problem, but my host implements PHP as CGI, so it's unavailable.
我是否有另一种方法可以访问PHP中的完整请求标头?
Is there another way I can access the complete request headers in PHP?
推荐答案
你需要做一些 mod_rewrite
魔法来获取您的标题通过CGI屏障,如下所示:
You'll need to do some mod_rewrite
wizardry to get your headers past the CGI barrier, like so:
RewriteEngine on
RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
<?php
$auth = $_SERVER['HTTP_AUTHORIZATION'];
?>
请注意,如果您使用 mod_rewrite
出于其他目的,它最终可能 $ _ SERVER ['REDIRECT_HTTP_AUTHORIZATION']
。
Note that if you're using mod_rewrite
for other purposes, it could end up being $_SERVER['REDIRECT_HTTP_AUTHORIZATION']
.
这篇关于如何访问$ _SERVER中未出现的请求标头?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!