---- dokuwiki-2007-06-26b/conf/dokuwiki.php~ 2007-12-19 00:27:28.671399503 +0200
-+++ dokuwiki-2007-06-26b/conf/dokuwiki.php 2007-12-19 00:39:47.679195099 +0200
-@@ -69,6 +69,7 @@
+- https://github.com/dokuwiki/dokuwiki/pull/15
+
+--- dokuwiki-2020-07-29a/conf/dokuwiki.php~ 2022-09-03 19:58:24.000000000 +0300
++++ dokuwiki-2020-07-29a/conf/dokuwiki.php 2023-03-27 11:25:04.212540600 +0300
+@@ -63,6 +63,7 @@
+ $conf['rememberme'] = 1; //Enable/disable remember me on login
$conf['disableactions'] = ''; //comma separated list of actions to disable
- $conf['sneaky_index'] = 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
+$conf['http_auth'] = 1; //allows HTTP authorization (SSO) from PHP_AUTH_USER/PHP_AUTH_PW variables
+ $conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
+ $conf['remote'] = 0; //Enable/disable remote interfaces
+ $conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated). leave empty to allow all users
+--- dokuwiki-2023-04-04/inc/auth.php~ 2023-04-04 19:21:21.000000000 +0300
++++ dokuwiki-2023-04-04/inc/auth.php 2023-04-05 15:43:33.873377532 +0300
+@@ -75,7 +75,7 @@
+ }
- /* Advanced Options */
-
---- dokuwiki-2007-06-26b/inc/auth.php~ 2007-06-26 21:27:15.000000000 +0300
-+++ dokuwiki-2007-06-26b/inc/auth.php 2007-12-19 00:40:14.598022033 +0200
-@@ -60,7 +60,7 @@
- if (!isset($_REQUEST['r'])) $_REQUEST['r'] = '';
-
- // if no credentials were given try to use HTTP auth (for SSO)
-- if(empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){
-+ if($conf['http_auth'] && empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){
- $_REQUEST['u'] = $_SERVER['PHP_AUTH_USER'];
- $_REQUEST['p'] = $_SERVER['PHP_AUTH_PW'];
- }
+ // if no credentials were given try to use HTTP auth (for SSO)
+- if (!$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
++ if ($conf['http_auth'] && !$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
+ $INPUT->set('u', $INPUT->server->str('PHP_AUTH_USER'));
+ $INPUT->set('p', $INPUT->server->str('PHP_AUTH_PW'));
+ $INPUT->set('http_credentials', true);