How can I access request headers that don't appear in $_SERVER?

Question

I am attempting to create a REST API in PHP and I\'d like to implement an authentication scheme similar to Amazon\'s S3 approach. This involves setting a custom \'Authorizat

Answer 1

You'll need to do some mod_rewrite wizardry to get your headers past the CGI barrier, like so:

RewriteEngine on
RewriteRule .? - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Note that if you're using mod_rewrite for other purposes, it could end up being $_SERVER['REDIRECT_HTTP_AUTHORIZATION'].