I suspect this can't be done, but here goes anyway. Is there a way, on a static site, to show the URL the user is trying to reach when you use the Apache directive ErrorDocument to redirect a 404 File Not Found error to a custom page? For instance, if you try:
http://www.fredriley.org.uk/dingbat/arsebiscuits
the default 404 error says:
The requested URL /dingbat/arsebiscuits was not found on this server.
So the URL must be in an environment variable. Can I get at that in a custom error document? I'd like to tell users the URL rather than just give them a generic error document. I know I can do this easily enough in PHP, but the site comprises static HTML docs only.
Having a static site does not prevent you from having a dynamic error page. You can use whatever server-side technology your hosting service offers.
If you can use PHP, you can simply pick a static template, change its extension to *.php and add a little dynamic snippet:
<p><?php echo htmlspecialchars($_SERVER['REQUEST_URI']); ?></p>
If you can use SSI, it's very similar:
<p><!--#echo var="REQUEST_URI" --></span></p>
The REQUEST_URI variable contains the local part of the URL as typed by the user (except hash). It's a good choice.
Related
Question:
How can I include both https: and http: results from a single domain in a Google custom search engine but display any such result in an iframe with a secure parent window?
How It's Structured:
My Google custom search engine currently searches "mydomainname.com/directory/" with the option to "Include all pages whose address contains this URL". It operates on a specific page of the website to search pages within the specified directory. The Link Target set in Websearch Settings is an iframe on the same page as the search bar.
The browser window and the iframe src are both on the same secure domain. And since the search results are all from a directory within the site structure, are all on this same domain as well.
Currently some results appear as "https://..." and some appear "www...". Obviously, this creates a mixed-content error when the browser window is https:// and an attempt is made to display a http:// search result in the iframe.
The results that are http:// will, of course, also work as https:// urls. I do not know what makes a page or file appear in the search results as "www." or "https://" when they all originate from a single secure domain.
The "http://" results appear even if I specify the site to be searched as https://www.mydomainname.com/directory/. I don't want to exclude these results, but I want them to be able to be displayed when browsing the site securely.
The Objective:
So the bottom-line rule that I need to work around is that insecure pages or files cannot be loaded into an iframe on a secure web page. I obviously want users to be able to utilize the https:// site but then I need the search to function in such a way that allows for all possible search results for these users.
The reason I need the results' target to be this iframe is that this is the frame that displays all the content of the web page. The search results work in harmony with the organization of other information. Such that choosing a link from a category in the page's navigation and choosing a search result from the custom search result display the chosen content into the same location, the iframe.
What I've Tried:
I've tried designating https:// specifically in the Google Search Engine (gse) settings and removing : 'http' from the script line gcse.src =(document.location.protocol == 'https:' ? 'https:' : 'http:') + '//cse.google.com/cse.js?cx=' + cx;.
I looked in the script file that it's linking to: http://cse.google.com/cse.js?cx=012685392925564329750:ghl2znnfada but I can't decipher what might need to be changed in it.
In the error log on the console I don't see much to be relevant except for the expected inability to load insecure pages while browsing securely. But there is this that looks like (maybe) it's relevant? though I could be completely wrong because I can't really decipher it either:
Mixed Content: The page at
'https://mydomainname.com/directory/index.php' was loaded over HTTPS,
but requested an insecure script 'http://www.google.com/jsapi?
key=ABQIAAAAdCtw6Xq1Q31YAr7VSQOSvxS5g7WKqCWUBuUdhz3-
rUOumR2saRSPGvey2WjYALW7f5_JzakSL3lAEg'. This request has been blocked;
the content must be served over HTTPS.
Insecure Script from Error Message:
http://www.google.com/jsapi?key=ABQIAAAAdCtw6Xq1Q31YAr7VSQOSvxS5g7WKqCWUBuUdhz3-rUOumR2saRSPGvey2WjYALW7f5_JzakSL3lAEg
Proposed Paths to a Solution:
I am open to any solution methods that may be possible. I have considered several routes but am not sure how to properly execute them or have failed in my attempts to execute them.
Some solutions I thought may work are:
Show all results as https:// links (without excluding any) so that they can be accessed whether on a secure connection to the site or not.
Redirect any links clicked without https:// to be loaded into the iframe as https://
Change something about the pages and files on the server so that they only appear in the search results as https://
Change something about Google's search engine script so it parses all found results as https://
Somehow show links as http:// if browsing non-secure, and https:// if browsing secure *
*I don't know how viable or efficient this would be
The most robust solution is to migrate all your website in https :
use 301 (permanent) redirect from http to https
and activate HSTS (if possible with includeSubdomains)
Google will take a little time to update his index but the HSTS will automatically replace http by https so you should avoid any mixed content issues.
I have a Joomla site running on Apache and Ubuntu 12.04. I wanted to show a custom 404 pages to be shown when a 404 error occure. I have made necessary changes to error.php file in my template directory to redirect it to '/404' directory where I have an index.html file with many images,css and java script.
Now when accessing a non-existent page, Joomla is redirecting me to root/404 but there I get a 403 Forbidden error from appache. The 404 directory is located inside 'htdocs' directory of Joomla installation.
Additional info:
1. I don't want to convert my 404 page into a Joomla template or article.
2. I am using a Joomla AMI from Bitnami on Amazon web service
If you redirect to a 404 page, you corrupt the error mechanism. The client will never get that 404 status, but a 200 on successful redirect to your error page.
Instead, you should modify your template's error.php to
send the 404 Not Found header
directly send the error page using readfile()
You might have to adjust the asset paths within your error page.
That's totally wrong, working with static pages does not mean that you have to overcome Joomla's routing.
You should either override the error Page view or use custom error pages.
Take a look at Joomla's documentation.http://docs.joomla.org/Custom_error_pages
Nibra was totally right about breaking the mechanism but still using a readfile() seems as an overkill.
When you use modrewrite to rewrite your urls, when does the rewrite occur. Will the user be able to see the url before rewrite, when hovering over the link? When they hover over a link will their browser display the rewritten url or the url before it was modified with modrewrite?
The rewrite is done in the server so the user will never know,
PHP also doesn't know what link its pointing to only the script file
mod_rewrite acts on the server side, meaning that apache rewrites incoming URLs before responding to the request. Any HTML links you add to a page will point to the URL you entered, as mod_rewrite doesn't modify any outgoing data.
The rewrite occurs when Apache has parsed the request - before the PHP interpreter has been started.
The friendly URLs are stored in the database for all the pages where they are used, but how would I define a friendly URL for this page:
http://www.vintage-adventures.com/en/modules/faq/faqs.php
so that it serves as (and links TO it look like) this:
http://www.vintage-adventures.com/en/modules/faq/faqs
Unlike all the other PS core pages, I don't know where the link_rewrite value would STORED and ACCESSED by PS so that this page/link behaves just like all the other friendly URL pages/links. I realize that AFTER it is defined in the database, then I would make a rewrite rule entry in .htaccess so that browsers will fetch the actual content from the non-friendly address. I need to get it DEFINED first, though.
Usually its within the Tools > CMS section there is the meta tags and URL if I am not mistaken...
In prestashop 1.4 you can set this under
Preferences > SEO & URLs in admin.
Solved by creating a file in root called faq.php with the following code:
<?php
include(dirname(__FILE__).'/modules/faq/faqs.php');
Then SEO & URL tab should pick up faq.php in root which can be given a friendly URL.
Once assigned a friendly URL regenerate an ".htaccess"
My project use htaccess files to restrict access to the server resources. The access is granted with an HTTP authentication.
I want to leave HTTP authentication and use a php-session-like login authentication to check access.
What I want to do could be simply done in a script like:
<?php
session_start()
if ( !isset($_SESSION['user']) ) {
header('location : /login.php');
exit;
}
//...also we could use url rewriting to redirect all urls pointing to static resource through
// a script that will deliver its content or redirect to the login form depending on
// identification status
Using php for dynamic pages is not a problem, but how to I grand access to Static resource using a session id passed with cookies in apache ?
I've seen questions related to cookie based redirection in apache, but none of them treat about identifying a user based on a sessionId passed by cookie.
For HTML content, keep your "static" content in PHP scripts whose only "dynamic" feature is that they contain a common header included for checking login/session.
For images, css, javascript, documents, anything else, this more extensive discussion will be of help.