mod rewrite RegEx not recognizing %

Forum Moderators: phranque

Message Too Old, No Replies

mod rewrite RegEx not recognizing %

tarsus

6:22 pm on Aug 14, 2007 (gmt 0)

I'm trying to get a URL like the following:

[mysite.com...]

To rewrite to this:

[mysite.com...]

The part of the URL that comes after 'login' is a filepath that has been URL encoded. This is necessary because the filepath might otherwise sometimes contain &, which will confuse the login.php script.

My rule:

RewriteRule ^login(.+)$ account/login.php?redirect=$1 [L]

This doesn't work at all, meaning the URL request is never even matched with the RegEx. I've tried using this with a URL that has not been encoded, i.e.:

[mysite.com...]

And it works. Is there some reason that encoded characters like %2F are not matched with (.+)?

jdMorgan

6:46 pm on Aug 14, 2007 (gmt 0)

I can't remember the exact details, but you'll have to test REQUEST_URI or THE_REQUEST using a RewriteCond to match the unencoded URL. We've had several previous threads [google.com] on this subject.

Jim

tarsus

7:46 pm on Aug 14, 2007 (gmt 0)

I've reviewed the other posts and tried my best to revise my rule. I'm new to RewriteCond, so bear with me. Here is the new condition/rule I tried:

RewriteCond %{THE_REQUEST} ^login(.+)$
RewriteRule .* account/login.php?redirect=%1 [L]

This still gets no match to the RegEx whatsoever. It seems odd to me that these rules aren't just failing to pass the proper info to backreferences, but failing to match the expression at all. Shouldn't (.+) at least match and attempt to redirect, regardless of whether the string contains %2F or '/'?

Anyway, maybe you can clue me in to what's going wrong with the condition/rule above?

jdMorgan

9:13 pm on Aug 14, 2007 (gmt 0)

THE_REQUEST is the entire client HTTP request header. For example, for this page right here, it would look like this:

GET /apache/3422069.htm HTTP/1.1

So obviously, your start-anchored RewriteCond pattern will never match.

I'd suggest:


RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /login([^\ ]+)\ HTTP/
RewriteRule ^login account/login.php?redirect=%1 [NE,L]

Jim

tarsus

10:00 pm on Aug 14, 2007 (gmt 0)

I'm afraid it still doesn't work. I copied that condition/rule exactly (and I did look closely at it to make sure it matched what I wanted it to), but I'm still not getting a RegEx match at all.

Here's the strange thing. I tried this very simple rule:

RewriteRule ^login account/login.php [L]

This will not even work. With this same URL:

[mysite.com...]

I still get no match at all. And yet with this:

[mysite.com...]

It works. How can the simple expression ^login not match the above URL just because it has the unicode following it?

jdMorgan

4:38 pm on Aug 15, 2007 (gmt 0)

Ask your host if they have any security filter modules in place. The presence of a filter intended to prevent injection attacks is the only explanation I can come up to explain why you're having such trouble.

Jim

tarsus

4:47 pm on Aug 15, 2007 (gmt 0)

Actually, this is on Apache installed on my local machine, no frills. Looks like I'm stuck!

jdMorgan

5:00 pm on Aug 15, 2007 (gmt 0)

One more thing: Try turning off MultiViews, AcceptPathInfo, and mod_speling if they're enabled.

Jim

tarsus

6:35 pm on Aug 16, 2007 (gmt 0)

I really hate to ask this, but how do I do that?

jdMorgan

9:38 pm on Aug 16, 2007 (gmt 0)

I really hate to have to reply: [httpd.apache.org...] :)

Jim