tags:

views:

450

answers:

2
Q: 

Safari does not work with forms on .htaccess site

I can't get Safari to submit forms to a page that is protected by .htaccess.
I have reduced my test page to:

<html>
<body>

<?php
  if(isset($_REQUEST["name"]))
     echo "<p>You entered: ", $_REQUEST["name"], "</p>";
?>

  <form method='post' action='index.php'>
  <p><input type='text' NAME='name'>
     <input type='submit' name='send' value='Send'></p>
  </form>

</body>
</html>

If I remove the .htaccess file the above page runs without any problem.
With this .htaccess file Safari will never finish loading the page:

AuthUserFile /xxxx/xxxx/.htpasswd
AuthGroupFile /xxxx/xxxx/.htgroup
AuthName Members
AuthType Basic

<Limit GET POST>
  require group XXXXX
</Limit>

ErrorDocument 401 /errors/401.php

Is there a workaround for this problem?

Update

I can remove the POST limitation in the .htaccess file:

<Limit GET>
  require group XXXXX
</Limit>

This will work for the above test case, but I won't be logged in anymore which means that:

  1. I don't have access to $_SERVER["PHP_AUTH_USER"]
  2. I have a security hole

Any ideas?

Update 2

I have added a missing line in the .htaccess file above (ErrorDocument 401 /errors/401.php) and made a personal reminder to always include everything in the samples (I'm supposed to know this). Helped by the comments from Marie Fischer it turns out that:

Safari will not be able to submit a form to a page that is protected by .htaccess (which limits POST) if the .htaccess file includes an ErrorDocument like:

ErrorDocument 401 /errors/401.php
+1  A: 

Does your example work with other browsers? Does it work with require user instead of group? Have you looked at your servers error log?

Edit: I did a quick test using your examples and everything worked fine.

Marie Fischer  2009-07-21 10:16:54
It works with IE, Firefox and Chrome 2 on Windows. Firefox on Mac works occasionally.No difference between require group and require user.I haven't found anything special in the server logs.
Peter Olsson  2009-07-21 10:30:17
How about Safari on Windows? If you are having problems on Macs, then have you tried completely closing the browser (the little red dot won't do, choose quit from the menu) and making a fresh start?
Marie Fischer  2009-07-21 10:48:55
Thank you for the testing. I made me pursue this even further... see solution to the problem above.I have been testing on Safari Windows.
Peter Olsson  2009-07-21 10:58:46
A: 

What if you make the HTTP authentication on the page where you have the form? Then you are logged in and it should work. Or?

floplus  2009-07-21 10:17:33
Probably - it would require rethinking the security issues.
Peter Olsson  2009-07-21 10:32:02

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?