diff options
Diffstat (limited to 'docs/manual/rewrite/flags.html.en')
| -rw-r--r-- | docs/manual/rewrite/flags.html.en | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/docs/manual/rewrite/flags.html.en b/docs/manual/rewrite/flags.html.en index 0e16b2d1..ec786dd8 100644 --- a/docs/manual/rewrite/flags.html.en +++ b/docs/manual/rewrite/flags.html.en @@ -459,7 +459,7 @@ example, if you wanted all image requests to be handled by a back-end image server, you might do something like the following:</p> <div class="example"><p><code> -RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P] +RewriteRule /(.*)\.(jpg|gif|png) http://images.example.com/$1.$2 [P] </code></p></div> <p>Use of the [P] flag implies [L] - that is, the request is immediately @@ -474,6 +474,15 @@ error from the proxy module. Use this flag to achieve a more powerful implementation of the <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> directive, to map remote content into the namespace of the local server.</p> +<div class="warning"> +<h3>Security Warning</h3> +<p>Take care when constructing the target URL of the rule, considering +the security impact from allowing the client influence over the set of +URLs to which your server will act as a proxy. Ensure that the scheme +and hostname part of the URL is either fixed, or does not allow the +client undue influence.</p> +</div> + <p>Note: <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> must be enabled in order to use this flag.</p> @@ -643,6 +652,6 @@ The <code>L</code> flag can be useful in this context to end the <p><span>Available Languages: </span><a href="../en/rewrite/flags.html" title="English"> en </a> | <a href="../fr/rewrite/flags.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p> </div><div id="footer"> -<p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> </body></html>
\ No newline at end of file |