+ if ($auth == 'no' && function_exists('apache_request_headers')) {
+ // Sometimes Authorization doesn't make it into $_SERVER.
+ // Probably someone thought it was scary.
+ $headers = apache_request_headers();
+ if (isset($headers['Authorization'])) {
+ $auth = 'yes';
+ }
+ }