Having trouble with RewriteCond Cookie

Topics: User Forum
Mar 30, 2010 at 4:11 PM

Hi,

I'm trying to get this rewritecond setup to work, basically, if the url contains a particular string and there is no cookie, then direct the user to a login page.

the section of the rewrite.ini file is this

 

RewriteRule ^/commonroom/login(.*)$  /commonroom/CommonRoomLogin.aspx?rd=$1 [L]
RewriteCond %{SCRIPT_NAME}	^/commonroom(.*)$	[I]
RewriteCond %{HTTP_COOKIE}	^.*[^ECDB].*$
RedirectRule ^/commonroom(.*)$	/commonroom/login$1

 

basically if the url contains "commonroom" and there is NO cookie in the HTTP_COOKIE header called "ECDB" then it should redirect them to a login screen, however looking at the log file is seems to be ignoring or getting the cookie name match up incorrect

I have tried many matching strings for the cookie name, and none seem to work. e.g.

!ECDB=.*

 

408 - EvalCondition: checking '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=ImagesAFA1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=fuzubueqsvbu2b550mzarcjx' against pattern '!ECDB=.+'
Tue Mar 30 13:43:56 -  5408 - EvalCondition: match result: -1 (No match)
Tue Mar 30 13:43:56 -  5408 - EvalCondition: returning FALSE

 

(the above should surely be returning true, as there is no cookie name ECDB)

another example

!^.*ECDB.*$

EvalCondition: checking '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=ImagesAFA1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=fuzubueqsvbu2b550mzarcjx' against pattern '!^.*ECDB.*$'
Tue Mar 30 15:38:41 -  4300 - EvalCondition: match result: -1 (No match)
Tue Mar 30 15:38:41 -  4300 - EvalCondition: returning FALSE

when the cookiedoes exist, i get

(?!EMISCDB=.+) - as shown in the docs for checking a cookie doesnt exist...

Tue Mar 30 14:46:54 -  5408 - EvalCondition: checking '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=ImagesAFA1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=fuzubueqsvbu2b550mzarcjx; ECDB=CDBNO=uJy4ia3mjixhRGmRFdgg==&crValidationKey=Noc9OvSSj6TBASIOZBRg==' against pattern '(?!ECDB=.+)'
Tue Mar 30 14:46:54 -  5408 - EvalCondition: match result: 1 (match)
Tue Mar 30 14:46:54 -  5408 - EvalCondition: returning TRUE

which should surely match as false?

any ideas?

Coordinator
Mar 30, 2010 at 6:24 PM
Edited Mar 31, 2010 at 4:37 PM

I don't know what the problem might be.

It should be very simple.  On IIRF v2.1.0.16, this works for me:

# redirect when cookie is SET
RewriteCond %{HTTP_COOKIE}  ECDB.*$
RedirectRule ^/commonroom(.*)$   /Whatever.aspx?cookie=set&arg=$1

# redirect when cookie is NOT set
RewriteCond %{HTTP_COOKIE}  !ECDB.*$
RedirectRule ^/commonroom(.*)$   /Whatever.aspx?cookie=NOTset&arg=$1

What version of IIRF are you using?

Also, why are you inserting a condition on %{SCRIPT_NAME}  ??  Seems to me you already have that covered in the pattern for RedirectRule.  Could that bbe tripping you up? 

Mar 31, 2010 at 9:32 AM

I'm using v1.2.16 R8

just looking at the code example you supplied. (and using the NOT set rule) i've tried removing the SCRIPT condition, so my ini file looks like

RewriteCond %{HTTP_COOKIE}	!ECDB.*$
RedirectRule ^/commonroom(.*)$	/commonroom/login$1

which is/ and seems fair enough. No cookie, and url contains 'commonroom' redirect to login.

if im using the url :

http://localhost/commonroom/shop/c1/Auto-Arrivals

i get the following output in the log file.

Wed Mar 31 09:18:24 -  2744 - EvaluateRules: Rule 23 : 2 matches
Wed Mar 31 09:18:24 -  2744 - EvalCondition: ts1 '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=Images%3A%2F%3A1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=jdikt52ajlq1cv55ompdkb45'
Wed Mar 31 09:18:24 -  2744 - ApplyCaseConversion: after  '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=ImagesAFA1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=jdikt52ajlq1cv55ompdkb45'
Wed Mar 31 09:18:24 -  2744 - EvalCondition: checking '.ASPXANONYMOUS=7ZnbGLX6ygEkAAAANmJmMTQ4MTgtMzk0NS00YWE3LWE4YjItOTYxMWQyZmZhNTliNie2ryL4dZVK7hvF5UGfveL7GO81; CKFinder_Path=ImagesAFA1; language=en; style=default; layout2=ab*d*ec; ASP.NET_SessionId=jdikt52ajlq1cv55ompdkb45' against pattern '!ECDB.*$'
Wed Mar 31 09:18:24 -  2744 - EvalCondition: match result: -1 (No match)
Wed Mar 31 09:18:24 -  2744 - EvalCondition: returning FALSE
Wed Mar 31 09:18:24 -  2744 - EvalConditionList: rule 23, FALSE, Rule does not apply
Wed Mar 31 09:18:24 -  2744 - EvaluateRules: Rule 24 : 2 matches
Wed Mar 31 09:18:24 -  2744 - ApplyCaseConversion: after  '/commonroom/shop/Category.aspx?cid=1'
Wed Mar 31 09:18:24 -  2744 - EvaluateRules: Result (length 36): /commonroom/shop/Category.aspx?cid=1
Wed Mar 31 09:18:24 -  2744 - EvaluateRules: Last Rule
Wed Mar 31 09:18:24 -  2744 - EvaluateRules: returning 1
Wed Mar 31 09:18:24 -  2744 - DoRewrites: Rewrite Url to: '/commonroom/shop/Category.aspx?cid=1'

which means it's getting the negative condition wrong and proceeding with the rule

RewriteRule ^/commonroom/shop/c([0-9]*)/.*[^/]$  /commonroom/shop/Category.aspx?cid=$1 [L]

and trying to load the category when it SHOULD be be redirecting to url :

http://localhost/commonroom/login/shop/c1/Auto-Arrivals

I have this rule

RewriteRule ^/commonroom/login(.*)$  /commonroom/CommonRoomLogin.aspx?rd=$1 [L]
directly above the RewriteCond, but surely this should make a difference.

Coordinator
Mar 31, 2010 at 4:07 PM
Edited Mar 31, 2010 at 4:18 PM

You need to upgrade.

The 1.2.x does not support the leading !.   From the relevant documentation page ,..

For IIRF v2.0.1.11 and later, you can append a ! to the pattern to negate it - in this case the pattern must evaluate to FALSE in order for the condition to evaluate to TRUE.

...and...

The logical negation can also apply to regular expressions, starting with IIRF V2.0.1.11.

Also, I don't test v1.2.x any more. v2.x is much better.  Be sure to read the Upgrading page.

 

Apr 9, 2010 at 11:40 AM

Ah.

 

Doh.