httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Foster, Stephen \(ASPIRE\)" <steve.fos...@hmrcaspire.com>
Subject RE: [users@httpd] re-writing URI's
Date Fri, 22 Dec 2006 09:03:17 GMT
Hi there,

i've tried that and had no joy, what i am trying now is to have a rewrite condition based
on the first part of the query string.

e.g:

RewriteCond %{QUERY_STRING} =?APPURI(.*)
RewriteRule APPURI=http: APPURI=https: [QSA,L]

However i can't get the rule to kick in for the condition, it seems to ignore it (probably
becauses its wrong !!) and tries to apply the rule to the uri. e.g from the rewrite log:

10.101.212.165 - - [21/Dec/2006:13:04:35 +0000] [dit.hmrc.gov.uk/sid#11b360][rid#9d7c88/initial]
(3) applying pattern 'APPURI' to uri '/service/validation/validator.js'

Any thoughts would be greatly appreciated

Steve

-----Original Message-----
From: jslive@gmail.com [mailto:jslive@gmail.com]On Behalf Of Joshua
Slive
Sent: 15 December 2006 17:02
To: users@httpd.apache.org
Subject: Re: [users@httpd] re-writing URI's


On 12/15/06, Foster, Stephen (ASPIRE) <steve.foster@hmrcaspire.com> wrote:
> hi joshua,
>
> sorry i should have been more specific. Its not actually our app but an authentication
plug-in and backend that changes the URI and then passes back to the browser. There may be
a bug in it that its capturing the incoming URL and not able to re-write it to https before
passing back. This is being investigated by the provider but in the meantime i would like
to re-write the URI to the proper secure method.
>
> does that make sense?

Sort of.  But it is hard to tell where your authentication plug-in is
acting here.  What I would do is simply tack a ? on the end of the URL
when redirecting from HTTP to HTTPS.  This will eliminate the query
string and hopefully force your plug-in to recreate it.  And it also
has the benefit of making sure your don't accidentally have people
submit sensitive information in the query string to the non-secure
server.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org



===========================================================
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please update your
address books.
===========================================================


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message