* Alan Skea wrote:
> SetEnv SSL 1
...
> RewriteEngine on
> RewriteCond %{ENV:SSL} !=1
> RewriteCond %{REQUEST_URI} !^/(img)|(ssi)|(obj)/
> RewriteRule ^/(.*)$ /redir
SetEnv variables will we set much later than mod_rewrite can check them, so
the successful requests, you're seeing are probably subrequests, caused be a
handler.
mod_ssl should set the HTTPS variable (on or off) which is for that purpose.
You should use this one.
nd
Ah thanks for that - I should have expected that mod_ssl would be helping me here.
However ... now I'm using the HTTPS variable and getting exactly the same behaviour. The problem is only in the top-level request - in subrequests, as you say, the variables have been initialised. Also it's only the first time that the virtual server is used in a given httpd process. Subsequent requests to the same URL in the same httpd process are OK and the top-level request has the variable set. It looks to me like there is some curiosity in the way that a virtual server gets initialised.
If I can't rely on "env" variables at that point in the processing of a request, how can I tell if I'm in secure mode or not?
-_-_ Alan.
