4

I have a web server configured with Basic Authentication and LDAP. Usually, I can log in with usernames containing english alphabets for all 3 browsers. However, if the username contains special characters like (example german names like RÈM WÉB), the web server returns a 401 and I get the authentication pop up again i.e. apache fails to validate.

After checking the apache access.log, I could tell that when I login from firefox and chrome, the encoding seems different. Is this encoding decided by the browser or by the web server ? I assume it is browser cause things work fine with firefox. Where can I set this encoding scheme in chrome ?

Also, to confirm it is a browser thing, I can see that the Authorization Header sent is different for the same user in Firefox and Chrome. Clearly the header is not encoded using the same scheme by the browser. Any suggestions ?

More debugging tells that firefox (and also IE) use ISO8859-1 for encoding and chrome is using UTF-8.

I will be ok even if the Apache web server tries multiple times using (if ISO8859-1 returns a 401, it should try again with UTF-8). Either a browser or a web server solution should be ok.

Crusaderpyro
  • 2,163
  • 5
  • 29
  • 53
  • Try to set the default `meta charset` using apache directive, read this and let me know if it's work https://httpd.apache.org/docs/current/mod/core.html#adddefaultcharset – zatamine May 24 '17 at 22:26

1 Answers1

1

Try changing the character set on your login page to use ISO8859-1

<meta charset="ISO8859-1" />
Preston
  • 163
  • 1
  • 8
  • We do not have a login page. Directly use the authentication popup. If login is successful, apache redirects to the home page. – Crusaderpyro May 25 '17 at 06:50
  • Did you try this https://stackoverflow.com/questions/913869/how-to-change-the-default-encoding-to-utf-8-for-apache ? – Preston May 26 '17 at 01:30
  • This setting in Apache is for the response content type and not the request headers. – Crusaderpyro May 26 '17 at 01:31
  • If I read @MichielvanOosterhout answer correctly you will have to detect encoding other than ISO8859-1 and decode appropriately https://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication@MichielvanOosterhout – Preston May 26 '17 at 01:50