Rewrite Rules Behavior Changes When Used Together
Each rule set below works fine when used alone. However, when used together, the rules' behavior changes.
When rule set # 2 is used by itself, a request for https://internal/Security/login is rewritten by Apache to sapphire/main.php without the browser's knowledge. This is the expected behavior.
When both rule sets are used together, a request for the previously mentioned URL results in Apache sending a 301 redirect to http://internal/sapphire/main.php?url=Security/login.
Why does Apache send this redirect instead of doing an internal rewrite?
# Rule Set # 1
# - Forces all HTTPS requests to HTTP, except for security section requests.
# 开发者_JAVA技巧Example: request for https://internal/abc/
# -> redirected to http://internal/abc/
RewriteCond %{SERVER_PORT} =443
RewriteCond %{REQUEST_URI} !^/Security($|/.*$)
RewriteRule (.*) http://internal/$1 [R=301,L]
# Rule Set # 2
# - Hands request to CMS - web user does not see this behind-the-scenes rewrite
RewriteRule (.*) sapphire/main.php?url=$1&%{QUERY_STRING} [L]
The L flag causes an reinjection of the already rewritten URL. So try to analyze the original requested URL instead:
RewriteCond %{SERVER_PORT} =443
RewriteCond %{THE_REQUEST} ^[A-Z]+\ /Security[/?\ ]
RewriteRule (.*) http://internal/$1 [R=301,L]
精彩评论