Nov 19 2010

Allowing Flash Uploads Through Apache Authentication in .htaccess

Occasionally, I run into issues uploading files through Flash to a development or staging site protected by Apache authentication. I've seen all kinds of recommendations to bypass the authentication, but nothing ever worked.

Recently, I realized you can limit the authentication to GET requests only, which leaves POST requests completely open. As it does leave POST open, I would only suggest using it for a development or staging environment.

<Limit GET>
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /path/to/htpasswd
Require valid-user

Since discovering the use of the <Limit> directive in .htaccess, I've seen this workaround mentioned several other places, sometimes using the <LimitExcept> directive instead. <LimitExcept> produced an Internal Service Error for me, so I can't vouch for it. Nevertheless, as the information is somewhat buried in comment threads and forums littered around the web, I wanted to post it out in the open for other frustrated developers out there to find and use.

1 comment

Great discovery! I'll definitely be giving this bit of code a try.

Will — Nov 22 2010