diff options
Diffstat (limited to 'docs/manual/mod/mod_proxy.html.en')
| -rw-r--r-- | docs/manual/mod/mod_proxy.html.en | 36 |
1 files changed, 29 insertions, 7 deletions
diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en index 66353fe4..00d00fd2 100644 --- a/docs/manual/mod/mod_proxy.html.en +++ b/docs/manual/mod/mod_proxy.html.en @@ -1053,7 +1053,7 @@ through</td></tr> <td>Redirection Route of the worker. This value is usually set dynamically to enable safe removal of the node from the cluster. If set all requests without session id will be - redirected to the BalancerMember that has route parametar + redirected to the BalancerMember that has route parameter equal as this value. </td></tr> <tr><td>retry</td> @@ -1240,7 +1240,7 @@ through</td></tr> <code class="directive">ProxyPassReverseCookiePath</code> directives, and causes them to substitute the value of an environment variable <code>varname</code> for the string <code>${varname}</code> - in configuration directives.</p> + in configuration directives (if the <var>interpolate</var> option is set).</p> <p>Keep this turned off (for server performance) unless you need it!</p> </div> @@ -1296,6 +1296,15 @@ through</td></tr> <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the <code>[P]</code> flag.</p> + <div class="warning"> + <h3>Security Warning</h3> + <p>Take care when constructing the target URL of the rule, considering + the security impact from allowing the client influence over the set of + URLs to which your server will act as a proxy. Ensure that the scheme + and hostname part of the URL is either fixed, or does not allow the + client undue influence.</p> + </div> + </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="ProxyPassReverse" id="ProxyPassReverse">ProxyPassReverse</a> <a name="proxypassreverse" id="proxypassreverse">Directive</a></h2> @@ -1396,10 +1405,23 @@ proxied server</td></tr> <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr> </table> -<p>Usage is basically similar to -<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, but instead of -rewriting headers that are a URL, this rewrites the <code>path</code> -string in <code>Set-Cookie</code> headers.</p> +<p> +Useful in conjunction with +<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code> +in situations where backend URL paths are mapped to public paths on the +reverse proxy. This directive rewrites the <code>path</code> string in +<code>Set-Cookie</code> headers. If the beginning of the cookie path matches +<var>internal-path</var>, the cookie path will be replaced with +<var>public-path</var>. +</p><p> +In the example given with +<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, the directive: + <div class="example"><p><code> + ProxyPassReverseCookiePath / /mirror/foo/ + </code></p></div> +will rewrite a cookie with backend path <code>/</code> (or +<code>/example</code> or, in fact, anything) to <code>/mirror/foo/</code>. +</p> </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> @@ -1666,6 +1688,6 @@ header for proxied requests</td></tr> <a href="../fr/mod/mod_proxy.html" hreflang="fr" rel="alternate" title="Français"> fr </a> | <a href="../ja/mod/mod_proxy.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p> </div><div id="footer"> -<p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> </body></html>
\ No newline at end of file |