Hi,
I'd like to short-circuit certain requests that contain no session
cookie with a HTTP 403, an ErrorDocument and a few response headers.
The following almost works:
RewriteCond %{REQUEST_METHOD} !OPTIONS
RewriteCond %{HTTP_COOKIE} !session=
RewriteRule ^/foo - [E=FOO:FOO,R=403,L]
Header always set X-Foo "test1" env=FOO
Header always set X-Bar "test2"
ErrorDocument 403 /error403.json
However, if the ErrorDocument is used, only X-Bar gets set but not
X-Foo. Without an ErrorDocument, both X-Foo and X-Bar get set (when
the RewriteCond and -Rule all match). The documentation for
mod_headers would lead me to believe that the "always" would be
sufficient to also set X-Foo. Does anyone here have suggestions how
to get this whole construct to work, or alternatives to achieve the
same effect?
We're currently using httpd 2.4.58 on Ubuntu.
Rainer
--
This email is confidential. If you are not the intended recipient, please
delete it and notify us immediately by telephoning or e-mailing the sender.
You should not copy it or use it for any purpose nor disclose its contents
to any other person.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|