httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bob Ionescu <bobsie...@googlemail.com>
Subject Re: [users@httpd] Mixing rewrite with authn_dbd: Rewriting based on path value stored in mysql table
Date Tue, 12 May 2009 09:51:55 GMT
2009/5/12 Roman Medina-Heigl Hernandez <roman@rs-labs.com>:
> My final solution is:
>
>                RewriteBase /stats
>                RewriteCond %{REMOTE_USER}/<>$1 !^([^<]+)<>\1
>                RewriteRule ^/clientes/(.*) /stats/%{REMOTE_USER}/stats/http/$1
>
>                RewriteCond $1 !^[^/]+/stats/http/
>                RewriteRule ^/clientes/(.*) hacking_attempt [F]
>
>
> The alternative (adding L) is:
>
>                RewriteBase /stats
>                RewriteCond %{REMOTE_USER}/<>$1 !^([^<]+)<>\1
>                RewriteRule ^/clientes/(.*)
> /stats/%{REMOTE_USER}/stats/http/$1 [L]
>
>                RewriteCond $1 !^[^/]+/stats/http/
>                RewriteRule ^/clientes/(.*) hacking_attempt [F,L]
>
> But I see no real difference between both solutions. Am I right?

L makes only sense to abort something below, i.e. if there's nothing,
there's nothing to abort (F implies L btw., the substitution will be
dropped as well). Your second rule (forbidden) comes never true, if
the first rule matched. So you could stop further (useless) processing
with the L flag at your first rule.

Bob

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message