Auth_basic and file uploads

Hi Folks,

I’ve got a magento site under development, and just want it to be
password protected until it goes live. No problem I thought…

add in the auth_basic/auth_basic_user_file entries to the location /
block.

However, when I do that, I get a password request for the upload…

2013/04/11 05:12:40 [error] 9866#0: *31 no user/password was provided
for basic authentication, client: Mmy IP>, server: example.com, request:
“POST /index.php/admin/catalog_product_gallery/upload/key/ HTTP/1.1”, host: “example.com”

If I enclose the auth_basic/auth_basic_user_file entries in a
limit_except POST block, then I can’t log in, wcwn though it them works
perfectly if I’m already logged in!

Any pointers??

Cheers,

Steve

Hello!

On Thu, Apr 11, 2013 at 06:18:19PM +1200, Steve H. wrote:

2013/04/11 05:12:40 [error] 9866#0: *31 no user/password was provided
Any pointers??
If your browser sees password request only on file uploads, it may
not be able to get 401 (Unauthorized) response correctly and retry
the request with authentication. I would expect this to be very
similar to 413 (Request Entity Too Large) handling by browsers, as
explicitly mentioned here in docs:

http://nginx.org/r/client_max_body_size

Obvious solution is to require authentication before the upload.

–
Maxim D.
http://nginx.org/en/donation.html