Re: Case in-sensitivity for location directive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- "Oswald Caelan" <ocaelan@xxxxxxxxx> wrote:

> Hello all,
> 
> 
> I am working with a solution that requires the usage of
> mod_proxy_balancer and an application server that both ignores case
> and mixes different case combinations in URLs found in generated
> content. The configuration works, however I have now a new requirement
> that causes problems.
> 
> 
> I should be able to create a location directive (as per
> http://httpd.apache.org/docs/current/mod/core.html#location ) and have
> the URL-path interpret in case insensitive mode. This requirement
> comes from the need to add authentication directives to the location.
> As you might guess, users (or the application in question) changing
> one letter to capital circumvents the protection instantly. The httpd
> runs on Unix platform so every configuration directive is apparently
> case sensitive by default.


In a proxy context, you would have to..well, put your Authentication directives
in a <Proxy > block:

http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxy
The trouble here is that you cannot put the Proxy only allows
shell-style wild-cards, so you would have to do stuff like:

<Proxy http://omfzd.tld/[zZ][uU][tT][aA][pP]/*>
</Proxy>

As <Proxy > doesn't have a <ProxyMatch > equivalent.
 
> Should the regular expressions in the Location directive work in this
> case? Could someone please show me an example of such configuration
> that should work?

Yupp:

http://httpd.apache.org/docs/current/mod/core.html#locationmatch

<LocationMatch ^/(?izutap/.*)$>

(if memory serves me right, that should work out.)


> In case a regular expression can not be forced to work case
> insensitively, what part of httpd's source code should I go around
> modifying?

-- 
Igor GaliÄ

Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux