mod rewrite if conditional

Forum Moderators: phranque

Message Too Old, No Replies

mod rewrite if conditional

redirect if not conditional

mihy

11:53 am on Aug 15, 2007 (gmt 0)

Hello!

I have perl script and http authType basic...

and i give the perl sript auth_user_name by:

RewriteRule .* /perl_script.pl?usr=%{LA-U:REMOTE_USER} [R]

and apache it is doing well... but cycling...

therefore i must stop the mod_rewrite if url is:

/perl_script.pl?usr=%{LA-U:REMOTE_USER}&others_params_is_not_for_checking=1

if the first Rule is:

RewriteRule perl_script.pl - [L]

all is ok, but you by hand can change usr param and get info about another user... and it's not right. User must see onlu perl_script?usr=auth_user_name&other_param=is_not_importatnt_for_rewriting

any idea?

jdMorgan

2:58 pm on Aug 15, 2007 (gmt 0)

If I understand the question, this code in .htaccess should help:


# Forbid direct client access to script URL
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /perl_script\.pl
RewriteRule ^perl_script\.pl$ - [F]
#
# Internally rewrite all other URL requests to perl_script, appending remote_user as query string
RewriteRule [b]![/b]^per_script\.pl$ /perl_script.pl?usr=%{LA-U:REMOTE_USER} [L]

Note that THE_REQUEST is the entire client HTTP request header, e.g.

GET /robots.txt HTTP/1.1

I used robots.txt as the example URL to remind you that there may be several URLs that you should not rewrite to your script...

Jim