rewritecond 基于 http 状态码
rewritecond based on http status code
apache 中是否有任何方法可以根据您获得的 http 代码响应设置重写条件? oauth 代理 (apache) 前面的服务器重定向 (302) 到我的 auth 提供商;但是我不希望它代理 websocket 目录中的任何内容——我宁愿它 403。这一切都是为了防止它不断尝试重新验证它未被授权的内容并为 OpenIDC 建立大量状态 cookie。
感谢您的考虑。
像这样:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^my\.server\.co$
RewriteCond %{HTTP_RESPONSE} 302
RewriteCond %{REQUEST_URI} ^/websocket
RewriteRule (.*) [F,L,NC]
您应该可以使用:
<Location /websocket>
OIDCUnAuthAction 401
</Location>
如配置原语中 here 所述:
# (Optional)
# Defines the action to be taken when an unauthenticated request is made.
# "auth" means that the user is redirected to the OpenID Connect Provider or Discovery page.
# "401" means that HTTP 401 Unauthorized is returned.
# "pass" means that an unauthenticated request will pass but claims will still be passed when a user happens to be authenticated already
# Useful in Location/Directory/Proxy path contexts that serve AJAX/Javascript calls and for "anonymous access"
# When not defined the default "auth" is used.
#OIDCUnAuthAction [auth|pass|401]
(嗯,它会 return 401 状态代码而不是 403)
其他解决方案
RewriteEngine on
ErrorDocument 403 /%{REQUEST_URI}/403.shtml
ErrorDocument 404 /%{REQUEST_URI}/404.shtml
RewriteCond %{REQUEST_URI} /([0-9]{3}+).shtml$ [NC]
RewriteRule (.*) [R=%1,L]
apache 中是否有任何方法可以根据您获得的 http 代码响应设置重写条件? oauth 代理 (apache) 前面的服务器重定向 (302) 到我的 auth 提供商;但是我不希望它代理 websocket 目录中的任何内容——我宁愿它 403。这一切都是为了防止它不断尝试重新验证它未被授权的内容并为 OpenIDC 建立大量状态 cookie。
感谢您的考虑。
像这样:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^my\.server\.co$
RewriteCond %{HTTP_RESPONSE} 302
RewriteCond %{REQUEST_URI} ^/websocket
RewriteRule (.*) [F,L,NC]
您应该可以使用:
<Location /websocket>
OIDCUnAuthAction 401
</Location>
如配置原语中 here 所述:
# (Optional)
# Defines the action to be taken when an unauthenticated request is made.
# "auth" means that the user is redirected to the OpenID Connect Provider or Discovery page.
# "401" means that HTTP 401 Unauthorized is returned.
# "pass" means that an unauthenticated request will pass but claims will still be passed when a user happens to be authenticated already
# Useful in Location/Directory/Proxy path contexts that serve AJAX/Javascript calls and for "anonymous access"
# When not defined the default "auth" is used.
#OIDCUnAuthAction [auth|pass|401]
(嗯,它会 return 401 状态代码而不是 403)
其他解决方案
RewriteEngine on
ErrorDocument 403 /%{REQUEST_URI}/403.shtml
ErrorDocument 404 /%{REQUEST_URI}/404.shtml
RewriteCond %{REQUEST_URI} /([0-9]{3}+).shtml$ [NC]
RewriteRule (.*) [R=%1,L]