I appear to have found a workable solution.
> -----Original Message-----
> From: Belov, Charles
> Sent: Tuesday, February 15, 2011 11:53 AM
> To: 'users@xxxxxxxxxxxxxxxx'
> Subject: Rewrite conflicts with partial downloads
>
> The SFMTA has various archival documents on the www.sfmta.com
> website which we need to retain without modification for
> public disclosure. As the documents have the potential of
> being mistaken for current information, I put in a feature in
> which a request that comes in without a referer from a
> document's parent directory will be shown a warning page
> informing the requestor that the document is archival. They
> can then follow an altered link to the document which will
> not require an authorized referer.
>
> I had to back this change out because it turns out that when
> Internet Explorer (and possibly other browsers) do this
> download, it sends a referer for the initial request but then
> sends additional partial requests without the referer. So
> the first part of the file gets downloaded, then requests for
> additional parts of the file get redirected to the warning
> page, causing Internet Explorer to freeze.
>
> The question is, is there a way I can indicate to mod_rewrite
> that this is a follow-up partial request -- that is, detect
> the range request header -- and that it is not to do a
> rewrite of the URL?
>
> I plan to separately report this as a bug to Microsoft, but
> in the meantime, site visitors need to be able to access the
> file without freezing their browser. So the question is, is
> there a way I can prevent the rewrite in the case of a
> partial request?
>
> Details follow:
>
> Example file of interest:
> http://www.sfmta.com/cms/cmta/documents/2-15-11Item11.pdf
>
> Example referer:
> http://www.sfmta.com/cms/cmta/SFMTABoardFeb.152011SpecialMeeti
> ngagenda.htm
>
> .htaccess rewrite code for the /cms/cmta/documents directory
> (currently backed out):
>
Corrected solution .htaccess file, currently implemented in /cmta_test/
directory.
# /cms/cmta/documents/.htaccess
# if someone enters just www.sfmuni.com/cmta/, go to this page
DirectoryIndex mtaindx.htm
# if not referred from cmta and not an override, give warning before
allowing
RewriteEngine On
RewriteCond %{HTTP_REFERER}
!^http://(www\.)?sfmta\.com/cms/cmta(_test)?/ [NC]
RewriteCond %{HTTP_REFERER}
!^https://sfmta\.securesites\.net/cms/cmta(_test)?/ [NC]
RewriteCond %{QUERY_STRING} !^giveMeTheArchive$
RewriteRule ^(.*)$
/cms/asystem/302-archive-warning.php?request=/cms/cmta/documents/$1
[R=303,L]
# and feed back that the location is without the query part
# and that only the SFMTA.com location is to be indexed
SetEnvIf request_uri "^/(.*)$" this_request_uri=$1
Header set Location "http://www.sfmta.com/%{this_request_uri}e";
# prevent partial downloads for IE
SetEnv acceptranges=bytes
BrowserMatchNoCase msie acceptranges=none
Header set Accept-Ranges %{acceptranges}e
>
> www.sfmta.com/cms/asystem/302-archive-warning.php?request=/cms
/cmta/documents/2-15-11Item11.pdf
> will give a warning page which produces a sanitized link to
> http://www.sfmta.com/cms/cmta/documents/2-15-11Item11.pdf?give
> MeTheArchive
>
> Server log for a sample Internet Explorer request:
>
> Request 1 at 9:21:06 PT:
> GET /cms/cmta/documents/2-15-11Item11.pdf HTTP/1.1
> Referer:
> http://www.sfmta.com/cms/cmta/SFMTABoardFeb.152011SpecialMeeti
> ngagenda.htm
> Result: 200 OK status, 751,863 bytes
>
> Request 2 at 9:21:07 PT:
> GET /cms/cmta/documents/2-15-11Item11.pdf HTTP/1.1
> Referer: -
> Result: 303 See Other status, 253 bytes
>
> Request 3 at 9:21:07 PT
> GET
> /cms/asystem/302-archive-warning.php?request=/cms/cmta/documen
> ts/2-15-11Item11.pdf HTTP/1.1
> Referer: -
> Result: 416 Requested Range Not Satisfiable status, 230 bytes
>
> Well, of course there is a 416, since the request is no
> longer for the PDF but for the warning page. But it's a moot
> point, since the task was in trouble as of request 2 when it
> came in without a referer, even though it's a follow-up on
> request 1, which did have the referer, and got redirected.
>
The issue is that by adding the header Accept-Ranges, it prevents
Internet Explorer from following up with a content-range request.
However, Firefox, which does provide a referer in conjunction with
content-range requests, displays a blank document in place of the PDF if
I send it the Accept-Ranges: none header.
BrowserMatch doesn't seem to allow me to conditionally send a header
only for IE, at least so far as I can tell by the documentation, and
none of the <...> directives seem to allow me to branch by browser.
Hope this helps,
Charles Belov
SFMTA Webmaster
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|