faeda1ab85
If a rewritemap fails to find a URL, mod_rewrite will nonetheless continue to attempt to proxy the request; if the request has a hostname in the URI (as it would if it were being used as a forward proxy), then it will proxy to that URI. The upshot is that this was behaving as an open proxy for any URL that it didn't know about. Correct this by "proxying" to http://localhost/notfound in all cases where the map program fails, and then cause that URL to always fail with a 403. This seems a little Rube Goldberg, but I don't see another way to deal with map failures in a rewriterule proxy. Change-Id: I1fdace79b6059c0297dd27b6bc9ce0afa9fe1396
13 lines
456 B
Plaintext
13 lines
456 B
Plaintext
<VirtualHost *:80>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog /dev/stdout
|
|
CustomLog /dev/stdout combined
|
|
|
|
# LogLevel alert rewrite:trace6
|
|
RewriteEngine On
|
|
RewriteMap preview "prg://usr/local/bin/zuul-preview"
|
|
RewriteRule "^/notfound" "-" [F]
|
|
RewriteRule "^/?(.*)$" "${preview:%{ENV:ZUUL_API_URL} %{HTTP_HOST}|http://localhost/notfound}/$1" [P]
|
|
</VirtualHost>
|