I want to process a request header using a custom rewrite map.
Therefore I want to have the content of the header in an environment variable.
I have not found a way to do that with mod_headers and/or mod_rewrite.
Any help is appriciated.
Mod_rewrite example for the request header "X-Forwarded-For":
RewriteRule .* - [E=X-Forwarded-For:%{HTTP:X-Forwarded-For}]
Related
I am using apache 2.2. I have to set header for home page url only. e.g If url is https://www.example.com then I need to set header for this URL only. Could you please help me on this?
I have tried below things but no luck.
If condition used but not working for this version.
RewriteCond %{REQUEST_URI} /
Header set ABC "abc"
Here, Header is setting for all URLs in the application
I'm using Apache 2.4 as Reverse Proxy, and I need to redirect to an URL, only if credential is passed into URL. For Example, this is my URL:
https://user:password#myserver.mydomain.com/site1.php?1
I use this Rewrite Condition:
RewriteCond %{HTTP_HOST} ^user:password#ohab\.marcolino7\.myds\.me$
But it do not match, i suppose because HTTP_HOST do not contain authentication data.
In there a way to match the URL with also authentication data and then so I can redirect?
Many Thanks
Marco
As you correctly say, that is not part of the host header, so wouldn't match like that.
You can do it using the REMOTE_USER variable. How you do it depends on the context of your rules. See the documentation and specifically the quote below.
%{LA-U:variable} can be used for look-aheads which perform an
internal (URL-based) sub-request to determine the final value of
variable. This can be used to access variable for rewriting which is
not available at the current stage, but will be set in a later phase.
For instance, to rewrite according to the REMOTE_USER variable from
within the per-server context (httpd.conf file) you must use
%{LA-U:REMOTE_USER} - this variable is set by the authorization
phases, which come after the URL translation phase (during which
mod_rewrite operates).
On the other hand, because mod_rewrite implements its per-directory
context (.htaccess file) via the Fixup phase of the API and because
the authorization phases come before this phase, you just can use
%{REMOTE_USER} in that context.
Something like this in your httpd.conf file:
RewriteCond %{LA-U:REMOTE_USER} =user
Or in .htaccess:
RewriteCond %{REMOTE_USER} =user
I want to be able to send an authenticated requests via http header when I'm in localhost, but I can't do that before adding this:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]
to my .htaccess file, but I can't find the file. I have enable to see alle hidden files, but none of them is .htaccess. Hope you guys can help - Thank you.
PS I'm using this guide which tell me what to do to make send a http header reqeust when on localhost: https://github.com/tymondesigns/jwt-auth/wiki/Authentication
A .htaccess file won't be created by Apache automatically. You have to create it yourself (or use the regular configuration files, which would be slightly more efficient is the method recommended by the Apache documentation).
I am attempting to add CORS handling using apache and mod_rewrite. The apache instance is front-ending multiple tomcat applications using mod_jk. Some of these applications have their own logic for adding CORS headers Access-Control-Allow-Origin, Access-Control-Max-Age, etc.
For the applications that didn't take care of the CORS logic, I would like to manage it on apache using mod rewrite.
Does anyone know if its possible to add a header to an HTTP response using mod_rewrite only if the header doesn't already exist? The browser reports an error if the CORS origin header is written twice.
mod_rewrite is to rewrite url's, not to set headers. What you want to use is mod_headers (documentation).
I don't know if mod_rewrite runs before mod_headers, but I would suggest to set environment variables using SetEnvIf instead (documentation).
You can do something like this:
SetEnvIf Request_URI "^/my/app/(.*)/?$" ADDHEADERS=1
Header set Access-Control-Max-Age 123456 env=ADDHEADERS
I have a directory of mp3 files want to have be able to serve them inline or giving the user an option to download based on the request URI.
/media/file1.mp3 -- in this case, I just want to serve the file and let the browser play it.
/media/download/file1.mp3 -- in this case, I want to make it easy for a user to download the file instead.
I have been able to accomplish this with mod_rewrite and php (using the header() and readfile() function) but I would rather do it all with mod_rewrite, mod_header etc if possible.
IfDefine will check variables set on start-up of Apache so that won't work. A valid config would be:
SetEnvIf Request_URI ^/media/download/ force-download
Header set Content-Disposition attachment env=force-download
Also changing the Content-Type is not necessary to force a download.
With mod_rewrite you can only change some specific header fields but to which the Content-Disposition header field doesn’t belong. You could only change the Content-Type header field:
RewriteRule ^media/[^/]+\.mp3$ - [L,T=audio/mpeg]
RewriteRule ^media/download/[^/]+$ - [L,T=application/octet-stream]
And if you want to use a mod_headers+mod_setenvif solution:
SetEnvIf Request_URI ^/media/download/ force-download
<IfDefine force-download>
Header set Content-Disposition attachment
Header set Content-Type application/octet-stream
</IfDefine>
If you want to base rule on parameters in URI, here is the logic / syntaxe (adapt RewriteCond) :
RewriteCond %{QUERY_STRING} ^dl=1$
RewriteRule ^ - [L,E=FORCEDOWNLOAD:1]
Header set Content-Disposition attachment env=FORCEDOWNLOAD
Here, we force download if the only parameter is "dl=1"