You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Mxrgus Pxrt <ma...@tione.eu> on 2010/12/10 01:31:55 UTC

[users@httpd] SetEnv HTTPS on... not working.

Hello!

I have SSL offloader sending HTTPS header to backend server.

In backend server I have:
SetEnvIf HTTPS "(..*)" HTTPS=$1
RewriteCond %{HTTPS} !=on
RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS} [L,R=301]

And it causes infinite redirect loop (to https://server/url/?off), 
because env value HTTPS is "off" for RewriteCond.


I also tried:
SetEnv HTTPS on
RewriteCond %{HTTPS} !=on
RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS} [L,R=301]

But it also created infinite loop - HTTPS was shown to be off.


If I watch HTTPS env value from some script (eg PHP $_SERVER['HTTPS'] is 
"on"), then from there it is shown "on".



I got it woking so:
RewriteCond %{HTTP:HTTPS} !=on
RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS} [L,R=301]

But I would like, if it would not check header, but env value. Could 
anyone clarify, why it works so, or throw some good link please?



Best regards,
Margus Pärt

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] SetEnv HTTPS on... not working.

Posted by Igor Cicimov <ic...@gmail.com>.

Actually I would even change the name of the variable HTTPS because it
clashes with the HTTPS apache one.

SetEnvIf Request_Protocol ^HTTPS.* IS_HTTPS

if you want to use this variable later. But basically don't you get the same
logic still, I mean you are setting the variable but still by checking an
request header so not sure what you really try to achieve here?

Igor


On Fri, Dec 10, 2010 at 12:56 PM, Igor Cicimov <ic...@gmail.com> wrote:

> http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html#setenvif
>
> Request_Protocol - the name and version of the protocol with which the
> request was made (*e.g.*, "HTTP/0.9", "HTTP/1.1", *etc.*)
>
> so I would try
>
>
>  SetEnvIf Request_Protocol ^HTTPS.* HTTPS
>
> Cheers,
> Igor
>
>
>
> On Fri, Dec 10, 2010 at 11:31 AM, Mxrgus Pxrt <ma...@tione.eu> wrote:
>
>> Hello!
>>
>> I have SSL offloader sending HTTPS header to backend server.
>>
>> In backend server I have:
>> SetEnvIf HTTPS "(..*)" HTTPS=$1
>> RewriteCond %{HTTPS} !=on
>> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
>> [L,R=301]
>>
>> And it causes infinite redirect loop (to https://server/url/?off),
>> because env value HTTPS is "off" for RewriteCond.
>>
>>
>> I also tried:
>> SetEnv HTTPS on
>> RewriteCond %{HTTPS} !=on
>> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
>> [L,R=301]
>>
>> But it also created infinite loop - HTTPS was shown to be off.
>>
>>
>> If I watch HTTPS env value from some script (eg PHP $_SERVER['HTTPS'] is
>> "on"), then from there it is shown "on".
>>
>>
>>
>> I got it woking so:
>> RewriteCond %{HTTP:HTTPS} !=on
>> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
>> [L,R=301]
>>
>> But I would like, if it would not check header, but env value. Could
>> anyone clarify, why it works so, or throw some good link please?
>>
>>
>>
>> Best regards,
>> Margus Pärt
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

Re: [users@httpd] SetEnv HTTPS on... not working.

Posted by Igor Cicimov <ic...@gmail.com>.

http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html#setenvif

Request_Protocol - the name and version of the protocol with which the
request was made (*e.g.*, "HTTP/0.9", "HTTP/1.1", *etc.*)

so I would try


 SetEnvIf Request_Protocol ^HTTPS.* HTTPS

Cheers,
Igor


On Fri, Dec 10, 2010 at 11:31 AM, Mxrgus Pxrt <ma...@tione.eu> wrote:

> Hello!
>
> I have SSL offloader sending HTTPS header to backend server.
>
> In backend server I have:
> SetEnvIf HTTPS "(..*)" HTTPS=$1
> RewriteCond %{HTTPS} !=on
> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
> [L,R=301]
>
> And it causes infinite redirect loop (to https://server/url/?off), because
> env value HTTPS is "off" for RewriteCond.
>
>
> I also tried:
> SetEnv HTTPS on
> RewriteCond %{HTTPS} !=on
> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
> [L,R=301]
>
> But it also created infinite loop - HTTPS was shown to be off.
>
>
> If I watch HTTPS env value from some script (eg PHP $_SERVER['HTTPS'] is
> "on"), then from there it is shown "on".
>
>
>
> I got it woking so:
> RewriteCond %{HTTP:HTTPS} !=on
> RewriteRule (.*)      https://%{HTTP_HOST}%{REQUEST_URI}?%{HTTPS}
> [L,R=301]
>
> But I would like, if it would not check header, but env value. Could anyone
> clarify, why it works so, or throw some good link please?
>
>
>
> Best regards,
> Margus Pärt
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>