On Wed, Jan 8, 2025 at 1:27 PM Rainer Canavan
<rainer.canavan+httpdusers@xxxxxxxxxx.invalid> wrote:
>
> Hi,
>
> I'd like to short-circuit certain requests that contain no session
> cookie with a HTTP 403, an ErrorDocument and a few response headers.
>
> The following almost works:
>
> RewriteCond %{REQUEST_METHOD} !OPTIONS
> RewriteCond %{HTTP_COOKIE} !session=
> RewriteRule ^/foo - [E=FOO:FOO,R=403,L]
>
> Header always set X-Foo "test1" env=FOO
> Header always set X-Bar "test2"
>
> ErrorDocument 403 /error403.json
>
> However, if the ErrorDocument is used, only X-Bar gets set but not
> X-Foo. Without an ErrorDocument, both X-Foo and X-Bar get set (when
> the RewriteCond and -Rule all match). The documentation for
> mod_headers would lead me to believe that the "always" would be
> sufficient to also set X-Foo. Does anyone here have suggestions how
> to get this whole construct to work, or alternatives to achieve the
> same effect?
>
Maybe you need to look at env=REDIRECT_FOO while the errordocument is
being served?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|