Issue #670454 by pwolanin, cburschka, effulgentsia: Support HTTP Authorization in CGI environments.

Author: DavidRothstein

.htaccess

@@ -63,6 +63,10 @@ DirectoryIndex index.php index.html index.htm
   RewriteCond %{HTTPS} on
   RewriteRule ^ - [E=protossl:s]
 
+  # Make sure Authorization HTTP header is available to PHP
+  # even when running as CGI or FastCGI.
+  RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
   # Block access to "hidden" directories whose names begin with a period. This
   # includes directories used by version control systems such as Subversion or
   # Git to store control files. Files whose names begin with a period, as well

CHANGELOG.txt

@@ -1,6 +1,8 @@
 
 Drupal 7.23, xxxx-xx-xx (development version)
 -----------------------
+- Changed the default .htaccess file to support HTTP authorization in CGI
+  environments.
 - Changed the password reset form to pre-fill the username when requested via a
   URL query parameter, and used this in the error message that appears after a
   failed login attempt (minor data structure and behavior change).