>Number: 1843
>Category: mod_rewrite
>Synopsis: rewrites that worked under 1.3b3 don't work under 1.3b5
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Thu Feb 19 21:50:00 PST 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.3b5
>Environment:
linux (kernel 2.0.32), gcc 2.8.0, running glibc 2.0.6
Linux eclectic 2.0.32 #1 Tue Nov 18 01:33:50 EST 1997 i586 unknown
>Description:
I used to have several of these sections in srm.conf:
RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !\.(kluge\.net|wpi\.edu)
RewriteCond %{REMOTE_HOST} !^.*\.kluge\.net$
RewriteRule ^/icons/ - [F]
Which will block any requests for files under the /icons/ directory which
weren't referred to by pages on two domains (kluge.net and wpi.edu). If one
of the systems on my domain (kluge.net) would request a file under /icons/, it
would be accepted no matter what.
This has worked fine for various versions of Apache, but started denying all
requests when I upgraded to 1.3b5. I modified the rewrite commands to be a
little more lenient with denials (it'll now only deny if there is a referer
and it's not from the specified domains.)
>How-To-Repeat:
no. (I traced it down to mod_rewrite by changing the "RewriteEngine on" to
"RewriteEngine off", and it started to work.)
>Fix:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
