Re: [users@httpd] Conditionally strip/remove a specific cookie from request
oh...@cox.net wrote: Try RequestHeader edit Cookie MyCookie=.*(\;)? Anyway, more interesting question for me was how are you going to check for the first condition, existance of the arbiteary header MYHEADER? Or you are talking here about standard http header? which I thought SHOULD work, but it doesn't. Anyone? Any regex experts out there? I know that I'm TERRIBLE with them :(... Thanks, Jim Igor, Thanks for your suggestion, but it: 1) Leaves a trailing semicolon if the cookie I want to remove is at the very end of the Cookie value/string, and 2) Removes the cookie I want to remove and everything after that if the cookie I want to remove is not at the very end of the Cookie value/string. Re. your question: I probably didn't explain clearly what I meant by an arbitrary MYHEADER. We know what that header name is, so it's arbitrary in the sense that it'll be what we need, but it's not one of the standard HTTP headers. Jim Sorry - forgot to include the mailing list in the email... Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
Igor Cicimov icici...@gmail.com wrote: On 10/12/2012 6:58 PM, oh...@cox.net wrote: Try RequestHeader edit Cookie MyCookie=.*(\;)? Anyway, more interesting question for me was how are you going to check for the first condition, existance of the arbiteary header MYHEADER? Or you are talking here about standard http header? which I thought SHOULD work, but it doesn't. Anyone? Any regex experts out there? I know that I'm TERRIBLE with them :(... Thanks, Jim Igor, Thanks for your suggestion, but it: 1) Leaves a trailing semicolon if the cookie I want to remove is at the very end of the Cookie value/string, and 2) Removes the cookie I want to remove and everything after that if the cookie I want to remove is not at the very end of the Cookie value/string. Re. your question: I probably didn't explain clearly what I meant by an arbitrary MYHEADER. We know what that header name is, so it's arbitrary in the sense that it'll be what we need, but it's not one of the standard HTTP headers. Jim Why dont you paste your config here so we can see what have you done? Igor, As I said earlier, right now, I'm focusing on trying to get the RequestHeader edit working (I think that now that I have 2.4.3 and the If, the conditional part shouldn't be too bad), so I have a vanilla, just-built 2.4.3, with the following Location added: Location /test # Compare the host name to foo.whatever.com and add a header in that case... If %{HTTP_HOST} == 'foo.whatever.com' RequestHeader set YOU_ARE_GOING_2FOO.WHATEVER.COM Aa # Suggested by Igor from httpd mailing list - doesn't work #RequestHeader edit Cookie MyCookie=.*(\;)? # 2nd suggestion from Igor - doesn't work RequestHeader edit Cookie MyCookie=.*(\;)?$ /If ProxyPass http://localhost:8080/test ProxyPassReversehttp://localhost:8080/test /Location Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On 10/12/2012 6:58 PM, oh...@cox.net wrote: Try RequestHeader edit Cookie MyCookie=.*(\;)? Anyway, more interesting question for me was how are you going to check for the first condition, existance of the arbiteary header MYHEADER? Or you are talking here about standard http header? which I thought SHOULD work, but it doesn't. Anyone? Any regex experts out there? I know that I'm TERRIBLE with them :(... Thanks, Jim Igor, Thanks for your suggestion, but it: 1) Leaves a trailing semicolon if the cookie I want to remove is at the very end of the Cookie value/string, and 2) Removes the cookie I want to remove and everything after that if the cookie I want to remove is not at the very end of the Cookie value/string. Re. your question: I probably didn't explain clearly what I meant by an arbitrary MYHEADER. We know what that header name is, so it's arbitrary in the sense that it'll be what we need, but it's not one of the standard HTTP headers. Jim Why dont you paste your config here so we can see what have you done? Igor, As I said earlier, right now, I'm focusing on trying to get the RequestHeader edit working (I think that now that I have 2.4.3 and the If, the conditional part shouldn't be too bad), so I have a vanilla, just-built 2.4.3, with the following Location added: Location /test # Compare the host name to foo.whatever.com and add a header in that case... If %{HTTP_HOST} == 'foo.whatever.com' RequestHeader set YOU_ARE_GOING_2FOO.WHATEVER.COM Aa # Suggested by Igor from httpd mailing list - doesn't work #RequestHeader edit Cookie MyCookie=.*(\;)? # 2nd suggestion from Igor - doesn't work RequestHeader edit Cookie MyCookie=.*(\;)?$ /If ProxyPass http://localhost:8080/test ProxyPassReversehttp://localhost:8080/test /Location Jim Igor (et al), For the record, Salman A over on stackoverflow posted a regex that works: RequestHeader edit Cookie (^MyCookie=[^;]*;|; MyCookie=[^;]*) Thanks for hanging in there with me on this one!! Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2 Hi, Thanks for the suggestion. I guess that I'd really rather not set the cookie then possibly have to unset it later. That seems a little too convoluted. What I was trying to find out with this post is about how something like SetEnvIfExpr: http://httpd.apache.org/docs/trunk/mod/mod_setenvif.html#setenvifexpr might be used. Apparently this SetEnvIfExpr is available in Apache 2.2.9+? That page has some examples of using SetEnvIfExpr, e.g.: SetEnvIfExpr tolower(req('X-Sendfile')) == 'd:\images\very_big.iso') iso_delivered plus, it links to this other page on expressions in Apache: http://httpd.apache.org/docs/trunk/expr.html which has examples of expressions: # Compare the host name to example.com and redirect to www.example.com if it matches If %{HTTP_HOST} == 'example.com' Redirect permanent / http://www.example.com /If So I was thinking I could use something like that, but I'm not familiar with these expressions, so I was hoping that someone here could tell me (or point the way to) the expression that I'd need to do what I described in my original post. Also, BTW, I'm having problems with what was suggested in the message thread on Stackoverflow.com in my original post. I tried the suggested RequestHeader, to try to remove a cookie in an incoming request, but it's not working. Rather it looks like it just replaces the entire Cookie: header altogether. FYI, for this testing, I have my Apache proxying (ProxyPass/ProxyPassReverse) a Tomcat instance. Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
On Mon, Dec 10, 2012 at 11:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2 Hi, Thanks for the suggestion. I guess that I'd really rather not set the cookie then possibly have to unset it later. That seems a little too convoluted. What I was trying to find out with this post is about how something like SetEnvIfExpr: http://httpd.apache.org/docs/trunk/mod/mod_setenvif.html#setenvifexpr That link has the word trunk in it which usually means current development version. And if you check the bread crumbs in the top of the page you'll see [image: -] http://httpd.apache.org/docs/trunk/mod/ Apache http://www.apache.org/ HTTP Server http://httpd.apache.org/ Documentation http://httpd.apache.org/docs/ Version 2.5http://httpd.apache.org/docs/trunk/ Modules http://httpd.apache.org/docs/trunk/mod/ it is a Apache 2.5 module. If you need to use this feature AND If tags you need Apache 2.4 might be used. Apparently this SetEnvIfExpr is available in Apache 2.2.9+? That page has some examples of using SetEnvIfExpr, e.g.: SetEnvIfExpr tolower(req('X-Sendfile')) == 'd:\images\very_big.iso') iso_delivered plus, it links to this other page on expressions in Apache: http://httpd.apache.org/docs/trunk/expr.html which has examples of expressions: # Compare the host name to example.com and redirect to www.example.com if it matches If %{HTTP_HOST} == 'example.com' Redirect permanent / http://www.example.com /If So I was thinking I could use something like that, but I'm not familiar with these expressions, so I was hoping that someone here could tell me (or point the way to) the expression that I'd need to do what I described in my original post. Also, BTW, I'm having problems with what was suggested in the message thread on Stackoverflow.com in my original post. I tried the suggested RequestHeader, to try to remove a cookie in an incoming request, but it's not working. Rather it looks like it just replaces the entire Cookie: header altogether. FYI, for this testing, I have my Apache proxying (ProxyPass/ProxyPassReverse) a Tomcat instance. Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 11:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2 Hi, Thanks for the suggestion. I guess that I'd really rather not set the cookie then possibly have to unset it later. That seems a little too convoluted. What I was trying to find out with this post is about how something like SetEnvIfExpr: http://httpd.apache.org/docs/trunk/mod/mod_setenvif.html#setenvifexpr That link has the word trunk in it which usually means current development version. And if you check the bread crumbs in the top of the page you'll see [image: -] http://httpd.apache.org/docs/trunk/mod/ Apache http://www.apache.org/ HTTP Server http://httpd.apache.org/ Documentation http://httpd.apache.org/docs/ Version 2.5http://httpd.apache.org/docs/trunk/ Modules http://httpd.apache.org/docs/trunk/mod/ it is a Apache 2.5 module. If you need to use this feature AND If tags you need Apache 2.4 might be used. Apparently this SetEnvIfExpr is available in Apache 2.2.9+? That page has some examples of using SetEnvIfExpr, e.g.: SetEnvIfExpr tolower(req('X-Sendfile')) == 'd:\images\very_big.iso') iso_delivered plus, it links to this other page on expressions in Apache: http://httpd.apache.org/docs/trunk/expr.html which has examples of expressions: # Compare the host name to example.com and redirect to www.example.com if it matches If %{HTTP_HOST} == 'example.com' Redirect permanent / http://www.example.com /If So I was thinking I could use something like that, but I'm not familiar with these expressions, so I was hoping that someone here could tell me (or point the way to) the expression that I'd need to do what I described in my original post. Also, BTW, I'm having problems with what was suggested in the message thread on Stackoverflow.com in my original post. I tried the suggested RequestHeader, to try to remove a cookie in an incoming request, but it's not working. Rather it looks like it just replaces the entire Cookie: header altogether. FYI, for this testing, I have my Apache proxying (ProxyPass/ProxyPassReverse) a Tomcat instance. Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Hi Igor, I realized that a little while ago, and just built
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
On Mon, Dec 10, 2012 at 2:10 PM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 11:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2 Hi, Thanks for the suggestion. I guess that I'd really rather not set the cookie then possibly have to unset it later. That seems a little too convoluted. What I was trying to find out with this post is about how something like SetEnvIfExpr: http://httpd.apache.org/docs/trunk/mod/mod_setenvif.html#setenvifexpr That link has the word trunk in it which usually means current development version. And if you check the bread crumbs in the top of the page you'll see [image: -] http://httpd.apache.org/docs/trunk/mod/ Apache http://www.apache.org/ HTTP Server http://httpd.apache.org/ Documentation http://httpd.apache.org/docs/ Version 2.5http://httpd.apache.org/docs/trunk/ Modules http://httpd.apache.org/docs/trunk/mod/ it is a Apache 2.5 module. If you need to use this feature AND If tags you need Apache 2.4 might be used. Apparently this SetEnvIfExpr is available in Apache 2.2.9+? That page has some examples of using SetEnvIfExpr, e.g.: SetEnvIfExpr tolower(req('X-Sendfile')) == 'd:\images\very_big.iso') iso_delivered plus, it links to this other page on expressions in Apache: http://httpd.apache.org/docs/trunk/expr.html which has examples of expressions: # Compare the host name to example.com and redirect to www.example.comif it matches If %{HTTP_HOST} == 'example.com' Redirect permanent / http://www.example.com /If So I was thinking I could use something like that, but I'm not familiar with these expressions, so I was hoping that someone here could tell me (or point the way to) the expression that I'd need to do what I described in my original post. Also, BTW, I'm having problems with what was suggested in the message thread on Stackoverflow.com in my original post. I tried the suggested RequestHeader, to try to remove a cookie in an incoming request, but it's not working. Rather it looks like it just replaces the entire Cookie: header altogether. FYI, for this testing, I have my Apache proxying (ProxyPass/ProxyPassReverse) a Tomcat instance. Thanks, Jim
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
On Mon, Dec 10, 2012 at 3:04 PM, Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 2:10 PM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 11:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 9:02 AM, oh...@cox.net wrote: Igor Cicimov icici...@gmail.com wrote: On Mon, Dec 10, 2012 at 7:19 AM, oh...@cox.net wrote: Hi, We are trying to have an Apache (acting as a proxy) conditionally strip/remove a cookie from the incoming request, before it proxies the request. The condition is that, on the incoming request: - there is a specific HTTP header, MYHEADER, with a value of MYHEADERVALUE, and - the root of the request URL's hostname (e.g., if hostname in the request URL is www.foo.com, then root is .foo.com) matches a certain string, e.g., .whatever.com If the conditions above are true, then we want to remove a cookie named MYCOOKIE from the incoming request, before forwarding the request onto the proxied host. I think that if the conditions match, according to this: http://stackoverflow.com/questions/1798431/how-to-remove-a-cookie-in-apache something like: RequestHeader add Cookie MYCOOKIE='';expires='SOME_PAST_DATE'; Path=COOKIE_PATH would remove the cookie, but I'm not sure how to construct the expression/expr that says something like this: If hostname_root==whatever.com MYHEADER=some_string RequestHeader add Cookie MYCOOKIE=';expires='SOME_PAST_DATE'; Path=COOKIE_PATH /If Also, I'm not sure what that SOME_PAST_DATE should be. Can anyone here tell me? Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Use SetEnvIf Igor, I think that I can use SetEnvIf to set environment variables for each of the two conditions, but doesn't the RequestHeader directive only take only a single condition, e.g., env=condition1? Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org True, so how about this ... You set the cookie if env = condition1 and then edit/unset/merge/ or do whatever if env != condition2 Hi, Thanks for the suggestion. I guess that I'd really rather not set the cookie then possibly have to unset it later. That seems a little too convoluted. What I was trying to find out with this post is about how something like SetEnvIfExpr: http://httpd.apache.org/docs/trunk/mod/mod_setenvif.html#setenvifexpr That link has the word trunk in it which usually means current development version. And if you check the bread crumbs in the top of the page you'll see [image: -] http://httpd.apache.org/docs/trunk/mod/ Apache http://www.apache.org/ HTTP Server http://httpd.apache.org/ Documentation http://httpd.apache.org/docs/ Version 2.5http://httpd.apache.org/docs/trunk/ Modules http://httpd.apache.org/docs/trunk/mod/ it is a Apache 2.5 module. If you need to use this feature AND If tags you need Apache 2.4 might be used. Apparently this SetEnvIfExpr is available in Apache 2.2.9+? That page has some examples of using SetEnvIfExpr, e.g.: SetEnvIfExpr tolower(req('X-Sendfile')) == 'd:\images\very_big.iso') iso_delivered plus, it links to this other page on expressions in Apache: http://httpd.apache.org/docs/trunk/expr.html which has examples of expressions: # Compare the host name to example.com and redirect to www.example.com if it matches If %{HTTP_HOST} == 'example.com' Redirect permanent / http://www.example.com /If So I was thinking I could use something like that, but I'm not familiar with these expressions, so I was hoping that someone here could tell me (or point the way to) the expression that I'd need to do what I described in my original post. Also, BTW, I'm having problems with what was suggested in the message thread on Stackoverflow.com in my original post. I tried the suggested RequestHeader, to try to remove a cookie in an incoming request, but it's not working. Rather it looks like it just replaces the entire Cookie: header altogether. FYI, for this testing, I have my Apache proxying (ProxyPass/ProxyPassReverse) a Tomcat
Re: [users@httpd] Conditionally strip/remove a specific cookie from request
[I keep getting bounced msgs from the mail server, so am removing the earlier replies.] Igor (et al), I'm ok with 2.4.3 and the If for the conditional part. Also, with that, for editing the Cookie header, I figured out that I may be able to use RequestHeader edit to edit the Cookie header value (ideally, we want to be able to remove just ONE, SPECIFIC cookie in the Cookie header value/string. Something like: RequestHeader edit Cookie regex The problem I'm having now is that regex. Let me explain: The thing is, the cookie that we want to remove can occur in the middle of the Cookie header value, in which case, that cookie would end with a semi-colon (;). However, if the cookie that we want to remove happens to be the last cookie in the Cookie header value/string, that will end with nothing (no ; at end). Does anyone know what kind of regex I can use that would handle both cases (the cookie-of-interest ending with either a ; or nothing/end-of-string? I've tried something like: RequestHeader edit Cookie MyCookie=.*(;|\z) which I thought SHOULD work, but it doesn't. Anyone? Any regex experts out there? I know that I'm TERRIBLE with them :(... Thanks, Jim - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org