On Thu, 26 May 2011, ad...@buskirkgraphics.com wrote:

The %{HTTPS} variable is not an Apache core variable. A more-portable
solution is to check %{SERVER_PORT} for port 80 or port 443 -- or for "not
port 80" or "not port 443."

ah but this doesn't actually work for me, I get 80 regardless of whether I use HTTP or HTTPS, even if I use https://example.com:443

Also, you're requiring an *exact* match on "not /user" or "not /admin,"
meaning that directory and file paths below these directories will not be
matched -- They will always be redirected by the second rule.

{snip other rewrite stuff}

uh... I didn't say anything about matching URL patterns or the like. I just want my application to do whatever is already being done. And hard-coding URL paths is a bad idea because someone else might want to install the code under some other path.

I don't really want to use rewrite rules to achieve this. If I did, every time my code redirects the browser, it will cause a rewrite from an HTTP URL to an HTTPS URL, which surely is inefficient.

Surely it should be simple enough for me to detect whichever is being used and continue to use it. This makes my code separate from whatever the webmaster decides to do regarding being secure or not.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to