[英]Apache mod_rewrite - Redirect to HTTPS except one friendly URL (Controller)
I have a website that needs to force HTTPS except when a particular URL begins with a pattern. 我有一个网站需要强制HTTPS,除非特定的URL以模式开头。
The problem is I have a redirection to index.php to load a PHP Controller in my system. 问题是我重定向到index.php以在系统中加载PHP控制器。 When it redirects to index.php rewrite rules are applied again but %{REQUEST_URI} becomes index.php after the redirection and URL that can use http is redirected to https.
当重定向到index.php时,重写规则将再次应用,但是在重定向之后,%{REQUEST_URI}将变为index.php,并且可以使用http的URL重定向到https。
Is there a way around that ? 有办法解决吗? Maybe not reading the rules again after internal redirection or keeping REQUEST_URI the same.
内部重定向后或保持REQUEST_URI不变后,可能不再阅读规则。
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/ok_with_http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [QSA,L]
%{THE_REQUEST}
could be used instead of %{REQUEST_URI}
to test the original request even after internal redirect to index.php
. 即使内部重定向到
index.php
也可以使用%{THE_REQUEST}
代替%{REQUEST_URI}
来测试原始请求。
According to the manual: 根据手册:
THE_REQUEST
THE_REQUEST
The full HTTP request line sent by the browser to the server (eg,
GET /index.html HTTP/1.1
).浏览器发送到服务器的完整HTTP请求行(例如
GET /index.html HTTP/1.1
)。 This does not include any additional headers sent by the browser.这不包括浏览器发送的任何其他标头。 This value has not been unescaped (decoded), unlike most other variables below.
与以下大多数其他变量不同,该值尚未被转义(解码)。
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !^[A-Z]+\ /ok_with_http(/\S*)?\s
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [QSA,L]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.