summaryrefslogtreecommitdiffstats
path: root/docs/manual/rewrite/flags.html
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:28 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:28 +0000
commitb1a1c1d95059e2fefd7b5671eb110ab690409a84 (patch)
tree97ecfcc9425e2d09d2cd669594d626a616f324a3 /docs/manual/rewrite/flags.html
parentReleasing progress-linux version 2.4.38-3+deb10u10progress5u1. (diff)
downloadapache2-b1a1c1d95059e2fefd7b5671eb110ab690409a84.tar.xz
apache2-b1a1c1d95059e2fefd7b5671eb110ab690409a84.zip
Merging upstream version 2.4.59.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--docs/manual/rewrite/flags.html2
-rw-r--r--docs/manual/rewrite/flags.html.en159
-rw-r--r--docs/manual/rewrite/flags.html.fr.utf8159
3 files changed, 221 insertions, 99 deletions
diff --git a/docs/manual/rewrite/flags.html b/docs/manual/rewrite/flags.html
index a4beb18..e74abb3 100644
--- a/docs/manual/rewrite/flags.html
+++ b/docs/manual/rewrite/flags.html
@@ -2,7 +2,7 @@
URI: flags.html.en
Content-Language: en
-Content-type: text/html; charset=ISO-8859-1
+Content-type: text/html; charset=UTF-8
URI: flags.html.fr.utf8
Content-Language: fr
diff --git a/docs/manual/rewrite/flags.html.en b/docs/manual/rewrite/flags.html.en
index 1984882..bfb5656 100644
--- a/docs/manual/rewrite/flags.html.en
+++ b/docs/manual/rewrite/flags.html.en
@@ -1,7 +1,7 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
+<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
-<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
+<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
@@ -24,7 +24,7 @@
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.4</a> &gt; <a href="./">Rewrite</a></div><div id="page-content"><div id="preamble"><h1>RewriteRule Flags</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/rewrite/flags.html" title="English">&nbsp;en&nbsp;</a> |
-<a href="../fr/rewrite/flags.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a></p>
+<a href="../fr/rewrite/flags.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a></p>
</div>
<p>This document discusses the flags which are available to the
@@ -34,6 +34,8 @@ providing detailed explanations and examples.</p>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#introduction">Introduction</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#flag_b">B (escape backreferences)</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#flag_bnp">BNP|backrefnoplus (don't escape space to +)</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#flag_bctls">BCTLS</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#flag_bne">BNE</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#flag_c">C|chain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#flag_co">CO|cookie</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#flag_dpi">DPI|discardpath</a></li>
@@ -67,7 +69,7 @@ by commas.</p>
<p>Each flag (with a few exceptions) has a short form, such as
-<code>CO</code>, as well as a longer form, such as <code>cookie</code>.
+<code>CO</code>, as well as a longer form, such as <code>cookie</code>.
While it is most common to use
the short form, it is recommended that you familiarize yourself with the
long form, so that you remember what each flag is supposed to do.
@@ -85,16 +87,16 @@ of how you might use them.</p>
<h2><a name="flag_b" id="flag_b">B (escape backreferences)</a></h2>
<p>The [B] flag instructs <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> to escape non-alphanumeric
characters before applying the transformation.</p>
-<p>In 2.4.26 and later, you can limit the escaping to specific characters
-in backreferences by listing them: <code>[B=#?;]</code>. Note: The space
-character can be used in the list of characters to escape, but it cannot be
-the last character in the list.</p>
<p><code>mod_rewrite</code> has to unescape URLs before mapping them,
so backreferences are unescaped at the time they are applied.
Using the B flag, non-alphanumeric characters in backreferences
will be escaped. For example, consider the rule:</p>
+<p>For similar escaping of server-variables, see
+ the "escape" <a href="#mapfunc">mapping-function</a></p>
+
+
<pre class="prettyprint lang-config">RewriteRule "^search/(.*)$" "/search.php?term=$1"</pre>
@@ -120,6 +122,20 @@ when the backend may break if presented with an unescaped URL.</p>
<p>An alternative to this flag is using a <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> to capture against %{THE_REQUEST} which will capture
strings in the encoded form.</p>
+
+<p>In 2.4.26 and later, you can limit the escaping to specific characters
+in backreferences by listing them: <code>[B=#?;]</code>. Note: The space
+character can be used in the list of characters to escape, but you must quote
+the entire third argument of <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>
+and the space must not be the last character in the list.</p>
+
+<pre class="prettyprint lang-config"># Escape spaces and question marks. The quotes around the final argument
+# are required when a space is included.
+RewriteRule "^search/(.*)$" "/search.php?term=$1" "[B= ?]"</pre>
+
+
+<p>To limit the characters escaped this way, see <a href="#flag_bne">#flag_bne</a>
+ and <a href="#flag_bctls">#flag_bctls</a></p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="flag_bnp" id="flag_bnp">BNP|backrefnoplus (don't escape space to +)</a></h2>
@@ -127,10 +143,42 @@ strings in the encoded form.</p>
in a backreference to %20 rather than '+'. Useful when the backreference
will be used in the path component rather than the query string.</p>
+<pre class="prettyprint lang-config"># Escape spaces to %20 in the path instead of + as used in form submission via
+# the query string
+RewriteRule "^search/(.*)$" "/search.php/$1" "[B,BNP]"</pre>
+
+
+
<p>This flag is available in version 2.4.26 and later.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="flag_bctls" id="flag_bctls">BCTLS</a></h2>
+<p>The [BCTLS] flag is similar to the [B] flag, but only escapes
+control characters and the space character. This is the same set of
+characters rejected when they are copied into the query string unencoded.
+</p>
+
+<pre class="prettyprint lang-config"># Escape control characters and spaces
+RewriteRule "^search/(.*)$" "/search.php/$1" "[BCTLS]"</pre>
+
+
+<p>This flag is available in version 2.4.57 and later.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
+<h2><a name="flag_bne" id="flag_bne">BNE</a></h2>
+<p>The list of characters in [BNE=...] are treated as exclusions to the
+characters of the [B] or [BCTLS] flags. The listed characters will not be
+escaped.
+</p>
+
+<pre class="prettyprint lang-config"># Escape the default characters, but leave /
+RewriteRule "^search/(.*)$" "/search.php?term=$1" "[B,BNE=/]"</pre>
+
+
+<p>This flag is available in version 2.4.57 and later.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
<h2><a name="flag_c" id="flag_c">C|chain</a></h2>
<p>The [C] or [chain] flag indicates that the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> is chained to the next
rule. That is, if the rule matches, then it is processed as usual and
@@ -143,14 +191,14 @@ skipped.</p>
<h2><a name="flag_co" id="flag_co">CO|cookie</a></h2>
<p>The [CO], or [cookie] flag, allows you to set a cookie when a
particular <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>
-matches. The argument consists of three required fields and four optional
+matches. The argument consists of three required fields and five optional
fields.</p>
<p>The full syntax for the flag, including all attributes, is as
follows:</p>
<div class="example"><p><code>
-[CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly]
+[CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly:samesite]
</code></p></div>
<p>If a literal ':' character is needed in any of the cookie fields, an
@@ -159,7 +207,7 @@ alternate syntax is available. To opt-in to the alternate syntax, the cookie
specified as ';'.</p>
<div class="example"><p><code>
-[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly]
+[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly;samesite]
</code></p></div>
<p>You must declare a name, a value, and a domain for the cookie to be set.</p>
@@ -199,12 +247,18 @@ connections.</dd>
<code>1</code>, the cookie will have the <code>HttpOnly</code> flag set,
which means that the cookie is inaccessible to JavaScript code on
browsers that support this feature.</dd>
+
+<dt>samesite</dt>
+<dd>If set to anything other than <code>false</code> or <code>0</code>, the <code>SameSite</code>
+attribute is set to the specified value. Typical values are <code>None</code>,
+<code>Lax</code>, and <code>Strict</code>. Available in 2.4.47 and later.</dd>
</dl>
+
<p>Consider this example:</p>
<pre class="prettyprint lang-config">RewriteEngine On
-RewriteRule "^/index\.html" "-" [CO=frontdoor:yes:.example.com:1440:/]</pre>
+RewriteRule "^/index\.html" "-" [CO=frontdoor:yes:.example.com:1440:/]</pre>
<p>In the example give, the rule doesn't rewrite the request.
@@ -289,8 +343,8 @@ value of '1' if the requested URI is an image file. Then, that
environment variable is used to exclude those requests from the access
log.</p>
-<pre class="prettyprint lang-config">RewriteRule "\.(png|gif|jpg)$" "-" [E=image:1]
-CustomLog "logs/access_log" combined env=!image</pre>
+<pre class="prettyprint lang-config">RewriteRule "\.(png|gif|jpg)$" "-" [E=image:1]
+CustomLog "logs/access_log" combined env=!image</pre>
<p>Note that this same effect can be obtained using <code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code>. This technique is offered as
@@ -315,7 +369,7 @@ allows more flexibility in assigning a Forbidden status.</p>
<p>The following rule will forbid <code>.exe</code> files from being
downloaded from your server.</p>
-<pre class="prettyprint lang-config">RewriteRule "\.exe" "-" [F]</pre>
+<pre class="prettyprint lang-config">RewriteRule "\.exe" "-" [F]</pre>
<p>This example uses the "-" syntax for the rewrite target, which means
@@ -335,7 +389,7 @@ longer available.</p>
<p>As with the [F] flag, you will typically use the "-" syntax for the
rewrite target when using the [G] flag:</p>
-<pre class="prettyprint lang-config">RewriteRule "oldproduct" "-" [G,NC]</pre>
+<pre class="prettyprint lang-config">RewriteRule "oldproduct" "-" [G,NC]</pre>
<p>When using [G], an [L] is implied - that is, the response is returned
@@ -348,7 +402,7 @@ immediately, and no further rules are evaluated.</p>
handler. For example, one might use this to force all files without a
file extension to be parsed by the php handler:</p>
-<pre class="prettyprint lang-config">RewriteRule "!\." "-" [H=application/x-httpd-php]</pre>
+<pre class="prettyprint lang-config">RewriteRule "!\." "-" [H=application/x-httpd-php]</pre>
<p>
@@ -410,8 +464,8 @@ argument to <code>index.php</code>, however, the <code class="directive"><a href
is already for <code>index.php</code>, the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> will be skipped.</p>
<pre class="prettyprint lang-config">RewriteBase "/"
-RewriteCond "%{REQUEST_URI}" "!=/index.php"
-RewriteRule "^(.*)" "/index.php?req=$1" [L,PT]</pre>
+RewriteCond "%{REQUEST_URI}" !=/index.php
+RewriteRule "^(.*)" "/index.php?req=$1" [L,PT]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
@@ -434,11 +488,11 @@ pattern still matches (i.e., while the URI still contains an
<code>A</code>), perform this substitution (i.e., replace the
<code>A</code> with a <code>B</code>).</p>
-<p>In 2.4.8 and later, this module returns an error after 32,000 iterations to
-protect against unintended looping. An alternative maximum number of
+<p>In 2.4.8 and later, this module returns an error after 10,000 iterations to
+protect against unintended looping. An alternative maximum number of
iterations can be specified by adding to the N flag. </p>
<pre class="prettyprint lang-config"># Be willing to replace 1 character in each pass of the loop
-RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=64000]
+RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=32000]
# ... or, give up if after 10 loops
RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=10]</pre>
@@ -462,7 +516,8 @@ example.</p>
<h2><a name="flag_ne" id="flag_ne">NE|noescape</a></h2>
<p>By default, special characters, such as <code>&amp;</code> and
<code>?</code>, for example, will be converted to their hexcode
-equivalent. Using the [NE] flag prevents that from happening.
+equivalent for rules that result in external redirects.
+Using the [NE] flag prevents that from happening.
</p>
<pre class="prettyprint lang-config">RewriteRule "^/anchor/(.+)" "/bigpage.html#$1" [NE,R]</pre>
@@ -533,11 +588,17 @@ client undue influence.</p>
<div class="warning">
<h3>Performance warning</h3>
-<p>Using this flag triggers the use of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, without handling of persistent connections. This
-means the performance of your proxy will be better if you set it up with <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> or
-<code class="directive"><a href="../mod/mod_proxy.html#proxypassmatch">ProxyPassMatch</a></code></p>
-<p>This is because this flag triggers the use of the default worker, which does not handle connection pooling/reuse.</p>
-<p>Avoid using this flag and prefer those directives, whenever you can.</p>
+<p>Using this flag triggers the use of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, without
+handling of persistent connections as the default worker is used in this case,
+which does not handle connection pooling/reuse.</p>
+<p>In order to use persistent connections you need to setup a
+<code class="directive"><a href="../mod/mod_proxy.html#proxy">Proxy</a></code> block at least for the scheme
+and host part of the target URL containing a
+<code class="directive"><a href="../mod/mod_proxy.html#proxyset">ProxySet</a></code> directive where you e.g. set
+a timeout.</p>
+<p>If you set it up with <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> or
+<code class="directive"><a href="../mod/mod_proxy.html#proxypassmatch">ProxyPassMatch</a></code> persistent connections
+will be used automatically.</p>
</div>
<p>Note: <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> must be enabled in order
@@ -681,19 +742,21 @@ URI in request' warnings.
<p>The [S] flag is used to skip rules that you don't want to run. The
syntax of the skip flag is [S=<em>N</em>], where <em>N</em> signifies
the number of rules to skip (provided the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">
-RewriteRule</a></code> matches). This can be thought of as a <code>goto</code>
-statement in your rewrite ruleset. In the following example, we only want
-to run the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> if the
-requested URI doesn't correspond with an actual file.</p>
+RewriteRule</a></code> and any preceding <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">
+RewriteCond</a></code> directives match). This can be thought of as a
+<code>goto</code> statement in your rewrite ruleset. In the following
+example, we only want to run the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">
+RewriteRule</a></code> if the requested URI doesn't correspond with an
+actual file.</p>
<pre class="prettyprint lang-config"># Is the request for a non-existent file?
-RewriteCond "%{REQUEST_FILENAME}" "!-f"
-RewriteCond "%{REQUEST_FILENAME}" "!-d"
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
# If so, skip these two RewriteRules
-RewriteRule ".?" "-" [S=2]
+RewriteRule ".?" "-" [S=2]
-RewriteRule "(.*\.gif)" "images.php?$1"
-RewriteRule "(.*\.html)" "docs.php?$1"</pre>
+RewriteRule "(.*\.gif)" "images.php?$1"
+RewriteRule "(.*\.html)" "docs.php?$1"</pre>
<p>This technique is useful because a <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> only applies to the
@@ -705,18 +768,18 @@ use this to make pseudo if-then-else constructs: The last rule of
the then-clause becomes <code>skip=N</code>, where N is the
number of rules in the else-clause:</p>
<pre class="prettyprint lang-config"># Does the file exist?
-RewriteCond "%{REQUEST_FILENAME}" "!-f"
-RewriteCond "%{REQUEST_FILENAME}" "!-d"
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
# Create an if-then-else construct by skipping 3 lines if we meant to go to the "else" stanza.
-RewriteRule ".?" "-" [S=3]
+RewriteRule ".?" "-" [S=3]
# IF the file exists, then:
- RewriteRule "(.*\.gif)" "images.php?$1"
+ RewriteRule "(.*\.gif)" "images.php?$1"
RewriteRule "(.*\.html)" "docs.php?$1"
# Skip past the "else" stanza.
- RewriteRule ".?" "-" [S=1]
+ RewriteRule ".?" "-" [S=1]
# ELSE...
- RewriteRule "(.*)" "404.php?file=$1"
+ RewriteRule "(.*)" "404.php?file=$1"
# END</pre>
@@ -733,7 +796,7 @@ sent. This has the same effect as the <code class="directive"><a href="../mod/mo
source code as plain text, if requested in a particular way:</p>
<pre class="prettyprint lang-config"># Serve .pl files as plain text
-RewriteRule "\.pl$" "-" [T=text/plain]</pre>
+RewriteRule "\.pl$" "-" [T=text/plain]</pre>
<p>Or, perhaps, if you have a camera that produces jpeg images without
@@ -741,7 +804,7 @@ file extensions, you could force those images to be served with the
correct MIME type by virtue of their file names:</p>
<pre class="prettyprint lang-config"># Files with 'IMG' in the name are jpg images.
-RewriteRule "IMG" "-" [T=image/jpg]</pre>
+RewriteRule "IMG" "-" [T=image/jpg]</pre>
<p>Please note that this is a trivial example, and could be better done
@@ -761,8 +824,8 @@ The <code>L</code> flag can be useful in this context to end the
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/rewrite/flags.html" title="English">&nbsp;en&nbsp;</a> |
-<a href="../fr/rewrite/flags.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a></p>
-</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
+<a href="../fr/rewrite/flags.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a></p>
+</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/rewrite/flags.html';
@@ -780,7 +843,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/rewrite/flags.html';
}
})(window, document);
//--><!]]></script></div><div id="footer">
-<p class="apache">Copyright 2019 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+<p class="apache">Copyright 2024 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
diff --git a/docs/manual/rewrite/flags.html.fr.utf8 b/docs/manual/rewrite/flags.html.fr.utf8
index e9d84e0..073e46d 100644
--- a/docs/manual/rewrite/flags.html.fr.utf8
+++ b/docs/manual/rewrite/flags.html.fr.utf8
@@ -88,13 +88,7 @@ d'utilisation.</p>
<div class="section">
<h2><a name="flag_b" id="flag_b">B (échappement dans les références arrières)</a></h2>
<p>Avec le drapeau [B], la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> échappe les caractères
-non-alphanumériques avant d'appliquer la transformation. A partir
-de la version 2.4.26, vous pouvez limiter l'échappement dans les
-références arrières à une liste de caractères que vous pouvez spécifiez comme
-dans cet exemple : <code>[B=#?;]</code>. Notez que l'espace peut faire
-partie de la liste des caractères à échapper, mais qu'il ne doit pas
-être le dernier caractère de cette liste.
-</p>
+non-alphanumériques avant d'appliquer la transformation.</p>
<p><code>mod_rewrite</code> doit supprimer les séquences d'échappement
des URLs avant leur
@@ -104,6 +98,9 @@ ces dernières sont appliquées. Avec le drapeau B, les caractères
non-alphanumériques des références arrières seront échappés. Considérons
par exemple cette règle :</p>
+<p>Pour un échappement similaire des variables du serveur, voir la <a href="#mapfunc">fonction de mappage</a> "escape".
+</p>
+
<pre class="prettyprint lang-config">RewriteRule "^search/(.*)$" "/search.php?term=$1"</pre>
@@ -138,6 +135,22 @@ si on présente à ce dernier une URL non échappée.</p>
%{THE_REQUEST}, les chaînes capturées se présentant
alors sous la forme codée.</p>
+<p>A partir
+de la version 2.4.26, vous pouvez limiter l'échappement dans les
+références arrières à une liste de caractères que vous pouvez spécifiez comme
+dans cet exemple : <code>[B=#?;]</code>. Notez que l'espace peut faire
+partie de la liste des caractères à échapper, mais que vous devez mettre entre
+guillemets le troisième argument de la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> et que l'espace ne doit pas
+être le dernier caractère de cette liste.
+</p>
+
+<pre class="prettyprint lang-config"># Échappement des espaces et des points d'interrogation. Les guillemets autour
+# du dernier argument sont obligatoires lorsque l'espace est inclus.
+RewriteRule "^search/(.*)$" "/search.php?term=$1" "[B= ?]"</pre>
+
+
+<p>Pour définir la liste des caractères à échapper de cette manière, voir <a href="#flag_bne">#flag_bne</a> et <a href="#flag_bctls">#flag_bctls</a></p>
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="flag_bnp" id="flag_bnp">BNP|backrefnoplus (ne pas échapper
@@ -147,9 +160,43 @@ espace en %20 au lieu de '+' dans les références arrières. Ceci s'avère
utile lorsque la référence arrière est utilisée dans la partie chemin,
et non dans les paramètres de la requête.</p>
+<pre class="prettyprint lang-config"># Échappe le caractère espace en %20 dans le chemin au lieu de + comme dans la
+# soumission de formulaire à l'aide de la chaîne de paramètres
+RewriteRule "^search/(.*)$" "/search.php/$1" "[B,BNP]"</pre>
+
+
<p>Ce drapeau est disponible à partir de la version 2.4.26 du serveur HTTP
Apache.</p>
+<h3><a name="flag_bctls" id="flag_bctls">BCTLS</a></h3>
+<p>Le drapeau [BCTLS] est similaire à [B], à la différence que seuls les espaces
+et les caractères de contrôle sont échappés. Il s'agit du même jeu de caractères
+rejetés lorsqu'ils sont copiés dans la chaîne de paramètres non codée.
+</p>
+
+<pre class="prettyprint lang-config"># Échappe les espaces et les caractères de contrôle
+RewriteRule "^search/(.*)$" "/search.php/$1" "[BCTLS]"</pre>
+
+
+<p>Ce drapeau est disponible à partir de la version 2.4.57 du serveur HTTP
+Apache.</p>
+
+
+
+<h3><a name="flag_bne" id="flag_bne">BNE</a></h3>
+<p>Les caractères listés dans [BNE=...] sont exclus des listes de caractères
+correspondant aux drapeaux [B] ou [BCTLS]. Ils ne seront donc pas échappés.
+</p>
+
+<pre class="prettyprint lang-config"># Échappe les caractères par défaut, sauf /
+RewriteRule "^search/(.*)$" "/search.php?term=$1" "[B,BNE=/]"</pre>
+
+
+<p>Ce drapeau est disponible à partir de la version 2.4.57 du serveur HTTP
+Apache.</p>
+
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="flag_c" id="flag_c">C|chain</a></h2>
@@ -165,13 +212,13 @@ chaînées qui suivent, seront sautées.</p>
<p>Le drapeau [CO], ou [cookie], vous permet de définir un cookie
lorsqu'une règle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>
s'applique. Il possède trois arguments obligatoires et
-quatre arguments optionnels.</p>
+cinq arguments optionnels.</p>
<p>La syntaxe complète de ce drapeau, avec tous ses attributs, est la
suivante :</p>
<div class="example"><p><code>
-[CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly]
+[CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly:samesite]
</code></p></div>
<p>Si un caractère littéral ':' doit être insérer dans un des champs du
@@ -180,7 +227,7 @@ alternative, le contenu du champ "Name" doit être précédé du caractère
';', et les sépateurs de champs deviendront des ';'.</p>
<div class="example"><p><code>
-[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly]
+[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly;samesite]
</code></p></div>
<p>Vous devez déclarer un nom, une valeur et un domaine pour que
@@ -223,12 +270,18 @@ que dans le cadre d'une connexion sécurisée (https).</dd>
<code>HttpOnly</code> activé, ce qui signifie qu'il sera inaccessible au
code JavaScript pour les navigateurs qui supportent cette
fonctionnalité.</dd>
+
+<dt>samesite</dt>
+<dd>S'il est différent de <code>false</code> ou <code>0</code>, l'attribut
+<code>SameSite</code> est défini à la valeur spécifiée. Les valeurs typiques
+sont <code>None</code>, <code>Lax</code> et <code>Strict</code>. Disponible à
+partir de la version 2.4.47 du serveur HTTP Apache.</dd>
</dl>
<p>Voici un exemple :</p>
<pre class="prettyprint lang-config">RewriteEngine On
-RewriteRule "^/index\.html" "-" [CO=frontdoor:yes:.example.org:1440:/]</pre>
+RewriteRule "^/index\.html" "-" [CO=frontdoor:yes:.example.com:1440:/]</pre>
<p>Dans l'exemple ci-dessus, la règle ne réécrit
@@ -315,10 +368,9 @@ avec une valeur de '1' si l'URI de la requête correspond à un fichier
image. Cette variable d'environnement est ensuite utilisée pour exclure
une telle requête du journal des accès.</p>
-<div class="example"><p><code>
-RewriteRule "\.(png|gif|jpg)" "-" [E=image:1]<br />
-CustomLog "logs/access_log" combined env=!image
-</code></p></div>
+<pre class="prettyprint lang-config">RewriteRule "\.(png|gif|jpg)$" "-" [E=image:1]
+CustomLog "logs/access_log" combined env=!image</pre>
+
<p>Notez que le même effet peut être obtenu à l'aide de la directive
<code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code>. Cette technique
@@ -345,7 +397,7 @@ Forbidden.</p>
<p>La règle suivante va interdire la téléchargement de fichiers
<code>.exe</code> depuis votre serveur.</p>
-<pre class="prettyprint lang-config">RewriteRule "\.exe" "-" [F]</pre>
+<pre class="prettyprint lang-config">RewriteRule "\.exe" "-" [F]</pre>
<p>Cet exemple utilise la syntaxe "-" pour la cible de réécriture, ce
@@ -366,7 +418,7 @@ disponible auparavant ne l'est plus actuellement.</p>
<p>Comme dans le cas du drapeau [F], on utilise en général la syntaxe
"-" pour la cible de réécriture lorsqu'on utilise le drapeau [G] :</p>
-<pre class="prettyprint lang-config">RewriteRule "oldproduct" "-" [G,NC]</pre>
+<pre class="prettyprint lang-config">RewriteRule "oldproduct" "-" [G,NC]</pre>
<p>Lorsqu'on utilise [G], [L] est implicite - c'est à dire que la
@@ -380,7 +432,7 @@ spécifié. Par exemple, on peut utiliser ce drapeau pour forcer
l'interprétation de tous les fichiers sans extension par le gestionnaire
php :</p>
-<pre class="prettyprint lang-config">RewriteRule "!\." "-" [H=application/x-httpd-php]</pre>
+<pre class="prettyprint lang-config">RewriteRule "!\." "-" [H=application/x-httpd-php]</pre>
<p>
@@ -449,8 +501,8 @@ directive <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">
la requête concerne déjà <code>index.php</code>, la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> sera sautée.</p>
<pre class="prettyprint lang-config">RewriteBase "/"
-RewriteCond "%{REQUEST_URI}" "!=/index.php"
-RewriteRule "^(.*)" "/index.php?req=$1" [L,PT]</pre>
+RewriteCond "%{REQUEST_URI}" !=/index.php
+RewriteRule "^(.*)" "/index.php?req=$1" [L,PT]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
@@ -478,10 +530,10 @@ effectuer la substitution (c'est à dire, remplacer le <code>A</code> par
un <code>B</code>).</p>
<p>A partir de la version 2.4.8, ce module renvoie une erreur après
-32000 itérations afin d'éviter les boucles infinies. Ce nombre maximum
+10000 itérations afin d'éviter les boucles infinies. Ce nombre maximum
d'itération peut être modifié via le drapeau N.</p>
<pre class="prettyprint lang-config"># On veut remplacer 1 caractère à chaque itération de la boucle
-RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=64000]
+RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=32000]
# ... ou s'arrêter après 10 itérations
RewriteRule "(.+)[&gt;&lt;;]$" "$1" [N=10]</pre>
@@ -505,9 +557,9 @@ bien que <code>.JPG</code> seront acceptés.</p>
<div class="section">
<h2><a name="flag_ne" id="flag_ne">NE|noescape</a></h2>
<p>Par défaut, les caractères spéciaux, comme <code>&amp;</code> et
-<code>?</code>, sont convertis en leur équivalent
-hexadécimal. Le drapeau [NE] permet d'éviter cette conversion.
-</p>
+<code>?</code>, sont convertis en leur équivalent hexadécimal pour les règles
+qui génèrent des redirections externes. Le drapeau [NE] permet d'éviter cette
+conversion.</p>
<pre class="prettyprint lang-config">RewriteRule "^/anchor/(.+)" "/bigpage.html#$1" [NE,R]</pre>
@@ -583,13 +635,17 @@ local.</p>
</div>
<div class="warning">
- <h3>Avertissement au sujet des performances</h3>
- <p>Utiliser ce drapeau fait intervenir <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> sans la gestion des connexions
- persistantes, ce qui signifie que vous obtiendrez des performances meilleurs si vous utilisez
- <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> ou <code class="directive"><a href="../mod/mod_proxy.html#proxypassmatch">ProxyPassMatch</a></code>.</p>
- <p>Ceci est du au fait que ce drapeau induit l'utilisation du worker par défaut, qui
- ne gère pas la mise en commun et la réutilisation des connexions.</p>
- <p>Partout où cela est possible, préférez l'utilisation de ces directives.</p>
+ <h3>Avertissement au sujet des performances</h3>
+ <p>Utiliser ce drapeau fait intervenir <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> sans la
+ gestion des connexions persistantes car dans ce cas, c'est le worker par
+ défaut qui est utilisé, et ce dernier ne gère pas la mise en commun et la
+ réutilisation des connexions.</p>
+ <p>Pour utiliser les connexions persistantes, vous devez définir un bloc
+ <code class="directive"><a href="../mod/mod_proxy.html#proxy">Proxy</a></code>, au moins pour les parties
+ protocole et hôte de l'URL cible, et contenant une directive <code class="directive"><a href="../mod/mod_proxy.html#proxyset">ProxySet</a></code> où vous définissez par exemple un
+ délai.</p>
+ <p>Si vous le définissez avec une directive <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> ou <code class="directive"><a href="../mod/mod_proxy.html#proxypassmatch">ProxyPassMatch</a></code>, les connexions persistantes
+ seront automatiquement utilisées.</p>
</div>
<p>Note: <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> doit être activé pour pouvoir
@@ -739,19 +795,21 @@ avertissements 'Invalid URI in request'.
<p>Le drapeau [S] sert à sauter des règles que vous ne voulez pas voir
exécuter. La syntaxe du drapeau [S] est [S=<em>N</em>], où
<em>N</em> correspond au nombre de règles à sauter (sous
-réserve que la règle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> corresponde).
+réserve que la règle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> corresponde et qu'au moins
+une condition <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code>
+préalable soit vérifiée).
Ceci peut s'interpréter comme une instruction
<code>goto</code> dans votre jeu de règles de réécriture. Dans
l'exemple suivant, nous ne voulons exécuter la règle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> que si l'URI demandé ne
correspond pas à un fichier existant.</p>
<pre class="prettyprint lang-config"># La requête concerne-t-elle un fichier qui n'existe pas ?
-RewriteCond "%{REQUEST_FILENAME}" "!-f"
-RewriteCond "%{REQUEST_FILENAME}" "!-d"
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
# Si c'est la cas, on saute les deux règles de réécriture suivantes
-RewriteRule ".?" "-" [S=2]
+RewriteRule ".?" "-" [S=2]
-RewriteRule "(.*\.gif)" "images.php?$1"
-RewriteRule "(.*\.html)" "docs.php?$1"</pre>
+RewriteRule "(.*\.gif)" "images.php?$1"
+RewriteRule "(.*\.html)" "docs.php?$1"</pre>
@@ -766,18 +824,19 @@ d'élaborer des pseudo-constructions if-then-else : la dernière règle du
bloc then contiendra <code>skip=N</code>, où N est le nombre de règles
contenues dans le bloc else :</p>
<pre class="prettyprint lang-config"># Est-ce que le fichier existe ?
-RewriteCond "%{REQUEST_FILENAME}" "!-f"
-RewriteCond "%{REQUEST_FILENAME}" "!-d"
-# Create an if-then-else construct by skipping 3 lines if we meant to go to the "else" stanza.
-RewriteRule ".?" "-" [S=3]
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
+# Créer une structure conditionnelle if-then-else en sautant 3 lignes si nous
+# avions l'intention d'aller au bloc "else".
+RewriteRule ".?" "-" [S=3]
# Si le fichier existe, alors :
-RewriteRule "(.*\.gif)" "images.php?$1"
+ RewriteRule "(.*\.gif)" "images.php?$1"
RewriteRule "(.*\.html)" "docs.php?$1"
- # Skip past the "else" stanza.
- RewriteRule ".?" "-" [S=1]
+ # Passer le bloc "else".
+ RewriteRule ".?" "-" [S=1]
# ELSE...
-RewriteRule "(.*)" "404.php?file=$1
+ RewriteRule "(.*)" "404.php?file=$1"
# END</pre>
@@ -795,7 +854,7 @@ du code source Perl en tant que plein texte, s'il est requis d'une
certaine manière :</p>
<pre class="prettyprint lang-config"># Sert les fichier .pl en tant que plein texte
-RewriteRule "\.pl$" "-" [T=text/plain]</pre>
+RewriteRule "\.pl$" "-" [T=text/plain]</pre>
<p>Ou encore, si vous possédez une caméra qui produit des fichiers
@@ -803,7 +862,7 @@ images jpeg sans extension, vous pouvez forcer le renvoi de ces images
avec le type MIME correct en se basant sur le nom du fichier :</p>
<pre class="prettyprint lang-config"># Les fichiers dont le nom contient 'IMG' sont des images jpg.
-RewriteRule "IMG" "-" [T=image/jpg]</pre>
+RewriteRule "IMG" "-" [T=image/jpg]</pre>
<p>Notez cependant qu'il s'agit d'un exemple trivial, et que le problème
@@ -825,7 +884,7 @@ utiliser le drapeau <code>L</code> pour terminer la séquence
<div class="bottomlang">
<p><span>Langues Disponibles: </span><a href="../en/rewrite/flags.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
<a href="../fr/rewrite/flags.html" title="Français">&nbsp;fr&nbsp;</a></p>
-</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Commentaires</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
+</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Commentaires</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/rewrite/flags.html';
@@ -843,7 +902,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/rewrite/flags.html';
}
})(window, document);
//--><!]]></script></div><div id="footer">
-<p class="apache">Copyright 2019 The Apache Software Foundation.<br />Autorisé sous <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+<p class="apache">Copyright 2024 The Apache Software Foundation.<br />Autorisé sous <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossaire</a> | <a href="../sitemap.html">Plan du site</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();