On Wed, Jan 8, 2025 at 7:41 PM Eric Covener <covener@xxxxxxxxx> wrote: > > On Wed, Jan 8, 2025 at 1:27 PM Rainer Canavan > <rainer.canavan+httpdusers@xxxxxxxxxx.invalid> wrote: > > > > Hi, > > > > I'd like to short-circuit certain requests that contain no session > > cookie with a HTTP 403, an ErrorDocument and a few response headers. > > > > The following almost works: > > > > RewriteCond %{REQUEST_METHOD} !OPTIONS > > RewriteCond %{HTTP_COOKIE} !session= > > RewriteRule ^/foo - [E=FOO:FOO,R=403,L] > > > > Header always set X-Foo "test1" env=FOO > > Header always set X-Bar "test2" > > > > ErrorDocument 403 /error403.json > > > > However, if the ErrorDocument is used, only X-Bar gets set but not > > X-Foo. Without an ErrorDocument, both X-Foo and X-Bar get set (when > > the RewriteCond and -Rule all match). The documentation for > > mod_headers would lead me to believe that the "always" would be > > sufficient to also set X-Foo. Does anyone here have suggestions how > > to get this whole construct to work, or alternatives to achieve the > > same effect? > > > > Maybe you need to look at env=REDIRECT_FOO while the errordocument is > being served? Hi Eric, that is indeed the correct solution, FOO gets renamed to REDIRECT_FOO when an ErrorDocument is served. So the corrected statement would be: Header always set X-Foo "test1" env=REDIRECT_FOO thanks, Rainer -- This email is confidential. If you are not the intended recipient, please delete it and notify us immediately by telephoning or e-mailing the sender. You should not copy it or use it for any purpose nor disclose its contents to any other person. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx