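# Optional HTTP::Proxy module log: opened only when the configuration names one.
if ($HoTTProxyConfig{'HTTP_Proxy_Module_Logfile'}) {
    my $moduleLogPath = "$path/$HoTTProxyConfig{'HTTP_Proxy_Module_Logfile'}";
    # Three-argument open keeps the append mode separate from the file name, so
    # the configured name is always taken as a literal path and is never parsed
    # together with the mode string.
    # NOTE(review): the name comes straight from configuration and is not checked
    # for path separators here; confirm the config file is writable only by the
    # operator.
    open(HPML, '>>', $moduleLogPath)
        or die "Couldn't open logfile $moduleLogPath. Ending.\n Error: $!\n";
    print HPML "\n" . sortableDate() . " HoTTProxy Ver. $HoTTProxyVersion Started up...\n\n";
    # logfh() sets the filehandle that HTTP::Proxy writes its own log to.
    $proxy->logfh(*HPML);
}

# Main HoTTProxy log, opened in append mode on the package-level OUT handle.
# Presumably logevent() writes to OUT -- confirm against its definition.
open(OUT, '>>', "$path/HoTTProxyLog.txt")
    or die "Couldn't open logfile $path/HoTTProxyLog.txt. Ending.\n Error: $!\n";

# Record the startup in the log
logevent('SYSTEM','127.0.0.1',"HoTTProxy Ver. $HoTTProxyVersion Started up...");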
# The request header filter that follows handles the authentication, and the
# insertion of previously stored proxy cookies into the client supplied request
# headers (if proxy cookies are enabled). It also strips off any cookie header
# that the browser tries to provide unless the CookiePassthru setting has said
# to allow them through.
my $requestHeaderFilter = HTTP::Proxy::HeaderFilter::simple->new(
sub {
my ( $self, $headers, $request ) = @_;
my $auth = $self->proxy->hop_headers->header('Proxy-Authorization') || "";
my ($authUser, $user, $pw, $correctPw, $homePage, $expires, $expiresEpoch, $i, $j, $k, $hop,
$cookieBagList, @cookies2send);
@cookies2send = ();
my $uri = scalar($$request{'_uri'});
my ($protocol, $hoststring, $url, $params) = $uri =~ m/([^:]*):\/\/([^\/]*)(\/[^?]*)?(\?.*)?/;
my $host = $$request{'_headers'}{'host'};
# print STDERR "Raw host in request is: $$request{'_headers'}{'host'}\n";
# // *************** Rule validation for host names *************** \\
# Host name rules:
# 1. Name must start with a period
# 2. If name less than 2 periods then .local is appended
# Rule #1
if (not $host =~ m/^\./) {
$host = '.' . $host; # make it so
}
# Rule #2
if (periodCount($host) < 2) {
$host .= '.local'; # See RFC2109 to get an idea of what I'm doing here
}
# \\ *************** Rule validation for host names *************** //
($authUser) = $auth =~ m/^Basic (.*)$/;
$authUser = decode_base64($authUser);
# ($user,$pw) = split(/:/,$authUser);
($user,$pw) = $authUser =~ m/^([^:]+):(.+)$/;
if ($user =~ m/[ \\\/:+*?"<>|&`\x00-\x21]/) { # Some characters we don't want in usernames
$user = '';
}
$correctPw = ''; # If $correctPw is still blank after authentication will fail
if ($user) {
my $filehandle;
if (open($filehandle,"$path/$user.user")) { # Note this file should contain the user's
# password, followed by CRLF followed by their choice of homepage URL (fully qualified
# http://host.domain.tld)
$correctPw = <$filehandle>;
chomp $correctPw;
$homePage = <$filehandle>;
chomp $homePage;
$homePage = $HoTTProxyConfig{'DefaultHomePage'} unless $homePage; # use the systemwide default
# homepage if the user doesn't have one
$expires = <$filehandle>;
chomp $expires;
if (my ($year,$month,$day) = Decode_Date_US($expires)) {
$expiresEpoch = Date_to_Time($year,$month,$day,0,0,0); # Expiration is at midnight (the start
# of) the expiration date
}
close $filehandle;
} elsif (open($filehandle,"$path/$user.password")) { # Note this file should contain the user's
# password, followed by CRLF followed by their choice of homepage URL (fully qualified
# http://host.domain.tld)
$correctPw = <$filehandle>;
chomp $correctPw;
$correctPw = md5_hex($correctPw); # Make it the same as if it had been an MD5 hash in the file
# to make comparing simple later
$homePage = <$filehandle>;
chomp $homePage;
$homePage = $HoTTProxyConfig{'DefaultHomePage'} unless $homePage; # use the systemwide default
# homepage if the user doesn't have one
$expires = <$filehandle>;
chomp $expires;
if (my ($year,$month,$day) = Decode_Date_US($expires)) {
$expiresEpoch = Date_to_Time($year,$month,$day,0,0,0); # Expiration is at midnight (the start
# of) the expiration date
}
close $filehandle;