Xenos Xenos - 1 year ago 126
Apache Configuration Question

RewriteCond comparing two variables in Apache htaccess

I would like to have a

that gets
if two variables
are equals. I tried

RewriteCond %{HTTP:Origin} ^http://%{HTTP_HOST}(/|$)

But despite Netbeans syntactic color, it appears that Apache is not replacing
by its value. I guessed it because

RewriteCond %{HTTP:Origin} ^http://cnfr005554(/|$)
RewriteCond %{HTTP_HOST} =cnfr005554


So how can I test that the two variables
are equals? (and yes, it's for applying OWASP's guidelines to mitigate XSRF)

Answer Source

In RewriteCond you cannot use a variable on right hand side.

You have to use it like this:

RewriteCond %{HTTP_HOST}##%{HTTP:Origin} ^(.+)##http://\1(/|$)

Here are are joining 2 variables using a delimiter ## (it can be anything). Then on RHS we match and capture value before ## that represents HTTP_HOST. After ## using a back-reference \1 we do our matching.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download