On Thu, 26 May 2011, admin@xxxxxxxxxxxxxxxxxxx wrote:
The %{HTTPS} variable is not an Apache core variable. A more-portable
solution is to check %{SERVER_PORT} for port 80 or port 443 -- or for "not
port 80" or "not port 443."
ah but this doesn't actually work for me, I get 80 regardless of whether I
use HTTP or HTTPS, even if I use https://example.com:443
Also, you're requiring an *exact* match on "not /user" or "not /admin,"
meaning that directory and file paths below these directories will not be
matched -- They will always be redirected by the second rule.
{snip other rewrite stuff}
uh... I didn't say anything about matching URL patterns or the like. I
just want my application to do whatever is already being done. And
hard-coding URL paths is a bad idea because someone else might want to
install the code under some other path.
I don't really want to use rewrite rules to achieve this. If I did, every
time my code redirects the browser, it will cause a rewrite from an HTTP
URL to an HTTPS URL, which surely is inefficient.
Surely it should be simple enough for me to detect whichever is being used
and continue to use it. This makes my code separate from whatever the
webmaster decides to do regarding being secure or not.
Geoff.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
