1 <?xml version='1.0' encoding='UTF-8' ?>
2 <!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="flags.xml.meta">
24 <parentdocument href="./">Rewrite</parentdocument>
26 <title>Apache mod_rewrite Flags</title>
29 <p>This document discusses the flags which are available to the
30 <directive module="mod_rewrite">RewriteRule</directive> directive,
31 providing detailed explanations and examples. This is not necessarily
32 a comprehensive list of all flags available, so be sure to also
33 consult the reference documentation.</p>
36 <seealso><a href="../mod/mod_rewrite.html">Module documentation</a></seealso>
37 <seealso><a href="tech.html">Technical details</a></seealso>
39 <section id="introduction"><title>Introduction</title>
40 <p><directive module="mod_rewrite">RewriteRule</directive>s can have
41 their behavior modified by one or more flags. Flags are included in
42 square brackets at the end of the rule, and multiple flags are separated
45 RewriteRule pattern target [Flag1,Flag2,Flag3]
48 <p>The flags all have a short form, such as <code>CO</code>, as well as
49 a longer form, such as <code>cookie</code>. Some flags take one or more
50 arguments. Flags are not case sensitive.</p>
54 <section id="flags"><title>The flags</title>
56 <p>Each flag has a long and short form. While it is most common to use
57 the short form, it is recommended that you familiarize yourself with the
58 long form, so that you remember what each flag is supposed to do.</p>
60 <p>Presented here are each of the available flags, along with an example
61 of how you might use them.</p>
63 <section id="flag_b"><title>B</title>
64 <p>The [B] flag instructs <directive
65 module="mod_rewrite">RewriteRule</directive> to escape non-alphanumeric
66 characters before applying the transformation.
70 <section id="flag_c"><title>C|chain</title>
71 <p>The [C] or [chain] flag indicates that the <directive
72 module="mod_rewrite">RewriteRule</directive> is chained to the next
73 rule. That is, if the rule matches, then it is processed as usual and
74 control moves on to the next rule. However, if it does not match, then
75 the next rule, and any other rules that are chained together, will be
80 <section id="flag_co"><title>CO|cookie</title>
81 <p>The [CO], or [cookie] flag, allows you to set a cookie when a
82 particular <directive module="mod_rewrite">RewriteRule</directive>
83 matches. The argument consists of three required fields and two optional
85 <p>You must declare a name and value for the cookie to be set, and the
86 domain for which you wish the cookie to be valid. You may optionally set
87 the lifetime of the cookie, and the path for which it should be
89 <p>By default, the lifetime of the cookie is the current browser
91 <p>By default, the path for which the cookie will be valid is "/" - that
92 is, the entire website.</p>
93 <p>Several examples are offered here:</p>
96 RewriteEngine On<br />
97 RewriteRule ^/index\.html - [CO=frontdoor:yes:.apache.org:1440:/]
100 <p>In the example give, the rule doesn't rewrite the request.
101 The "-" rewrite target tells mod_rewrite to pass the request
102 through unchanged. Instead, it sets a cookie
103 called 'frontdoor' to a value of 'yes'. The cookie is valid for any host
104 in the <code>.apache.org</code> domain. It will be set to expire in 1440
105 minutes (24 hours) and will be returned for all URIs.</p>
109 <section id="flag_dpi"><title>DPI|discardpathinfo</title>
110 <p>The DPI flag causes the PATH_INFO portion of the rewritten URI to be
114 <section id="flag_e"><title>E|env</title>
115 <p>With the [E], or [env] flag, you can set the value of an environment
116 variable. Note that some environment variables may be set after the rule
117 is run, thus unsetting what you have set. See <a href="../env.html">the
118 Environment Variables document</a> for more details on how Environment
121 <p>The following example sets an evironment variable called 'image' to a
122 value of '1' if the requested URI is an image file. Then, that
123 environment variable is used to exclude those requests from the access
127 RewriteRule \.(png|gif|jpg) - [E=image:1]<br />
128 CustomLog logs/access_log combined env=!image
131 <p>Note that this same effect can be obtained using <directive
132 module="mod_setenvif">SetEnvIf</directive>. This technique is offered as
133 an example, not as a recommendation.</p>
136 <section id="flag_f"><title>F|forbidden</title>
137 <p>Using the [F] flag causes Apache to return a 403 Forbidden status
138 code to the client. While the same behavior can be accomplished using
139 the <directive module="mod_access">Deny</directive> directive, this
140 allows more flexibility in assigning a Forbidden status.</p>
142 <p>The following rule will forbid <code>.exe</code> files from being
143 downloaded from your server.</p>
146 RewriteRule \.exe - [F]
149 <p>This example uses the "-" syntax for the rewrite target, which means
150 that the requested URI is not modified. There's no reason to rewrite to
151 another URI, if you're going to forbid the request.</p>
155 <section id="flag_g"><title>G|gone</title>
156 <p>The [G] flag forces Apache to return a 410 Gone status with the
157 response. This indicates that a resource used to be available, but is no
158 longer available.</p>
160 <p>As with the [F] flag, you will typically use the "-" syntax for the
161 rewrite target when using the [G] flag:</p>
164 RewriteRule oldproduct - [G,NC]
168 <section id="flag_h"><title>H|handler</title>
169 <p>Forces the resulting request to be handled with the specified
170 handler. For example, one might use this to force all files without a
171 file extension to be parsed by the php handler:</p>
174 RewriteRule !\. - [H=application/x-httpd-php]
178 The regular expression above - <code>!\.</code> - will match any request
179 that does not contain the literal <code>.</code> character.
182 <p>This can be also used to force the handler based on some conditions.
183 For example, the following snippet used in per-server context allows
184 <code>.php</code> files to be <em>displayed</em> by <code>mod_php</code>
185 if they are requested with the <code>.phps</code> extension:</p>
188 RewriteRule ^(/source/.+\.php)s$ $1 [H=application/x-httpd-php-source]
191 <p>The regular expression above - <code>^(/source/.+\.php)s$</code> - will
192 match any request that starts with <code>/source/</code> followed by 1 or
193 n characters followed by <code>.phps</code> literally. The backreference
194 $1 referrers to the captured match within parenthesis of the regular
198 <section id="flag_l"><title>L|last</title>
199 <p>The [L] flag causes <module>mod_rewrite</module> to stop processing
200 the rule set. In most contexts, this means that if the rule matches, no
201 further rules will be processed.</p>
203 <p>If you are using <directive
204 module="mod_rewrite">RewriteRule</directive> in either
205 <code>.htaccess</code> files or in
206 <directive type="section" module="core">Directory</directive> sections,
207 it is important to have some understanding of how the rules are
208 processed. The simplified form of this is that once the rules have been
209 processed, the rewritten request is handed back to the URL parsing
210 engine to do what it may with it. It is possible that as the rewritten
211 request is handled, the <code>.htaccess</code> file or
212 <directive type="section" module="core">Directory</directive> section
213 may be encountered again, and thus the ruleset may be run again from the
214 start. Most commonly this will happen if one of the rules causes a
215 redirect - either internal or external - causing the request process to
218 <p>It is therefore important, if you are using <directive
219 module="mod_rewrite">RewriteRule</directive> directives in one of these
220 contexts, that you take explicit steps to avoid rules looping, and not
221 count solely on the [L] flag to terminate execution of a series of
222 rules, as shown below.</p>
224 <p>The example given here will rewrite any request to
225 <code>index.php</code>, giving the original request as a query string
226 argument to <code>index.php</code>, however, the <directive
227 module="mod_rewrite">RewriteCond</directive> ensures that if the request
228 is already for <code>index.php</code>, the <directive
229 module="mod_rewrite">RewriteRule</directive> will be skipped.</p>
232 RewriteCond %{REQUEST_URI} !=index.php<br />
233 RewriteRule ^(.*) index.php?req=$1 [L]
237 <section id="flag_n"><title>N|next</title>
239 The [N] flag causes the ruleset to start over again from the top. Use
240 with extreme caution, as it may result in loop.
243 The [Next] flag could be used, for example, if you wished to replace a
244 certain string or letter repeatedly in a request. The example shown here
245 will replace A with B everywhere in a request, and will continue doing
246 so until there are no more As to be replaced.
250 RewriteRule (.*)A(.*) $1B$2 [N]
253 <p>You can think of this as a <code>while</code> loop: While this
254 pattern still matches (i.e., while the URI still contains an
255 <code>A</code>), perform this substitution (i.e., replace the
256 <code>A</code> with a <code>B</code>).</p>
260 <section id="flag_nc"><title>NC|nocase</title>
261 <p>Use of the [NC] flag causes the <directive
262 module="mod_rewrite">RewriteRule</directive> to be matched in a
263 case-insensitive manner. That is, it doesn't care whether letters appear
264 as upper-case or lower-case in the matched URI.</p>
266 <p>In the example below, any request for an image file will be proxied
267 to your dedicated image server. The match is case-insensitive, so that
268 <code>.jpg</code> and <code>.JPG</code> files are both acceptable, for
272 RewriteRule (.*\.(jpg|gif|png))$ http://images.example.com$1 [P,NC]
276 <section id="flag_ne"><title>NE|noescape</title>
277 <p>By default, special characters, such as <code>&</code> and
278 <code>?</code>, for example, will be converted to their hexcode
279 equivalent. Using the [NE] flag prevents that from happening.
283 RewriteRule ^/anchor/(.+) /bigpage.html#$1 [NE,R]
287 The above example will redirect <code>/anchor/xyz</code> to
288 <code>/bigpage.html#xyz</code>. Omitting the [NE] will result in the #
289 being converted to its hexcode equivalent, <code>%23</code>, which will
290 then result in a 404 Not Found error condition.
295 <section id="flag_ns"><title>NS|nosubreq</title>
296 <p>Use of the [NS] flag prevents the rule from being used on
297 subrequests. For example, a page which is included using an SSI (Server
298 Side Include) is a subrequest, and you may want to avoid rewrites
299 happening on those subrequests.</p>
302 Images, javascript files, or css files, loaded as part of an HTML page,
303 are not subrequests - the browser requests them as separate HTTP
308 <section id="flag_p"><title>P|proxy</title>
309 <p>Use of the [P] flag causes the request to be handled by
310 <module>mod_proxy</module>, and handled via a proxy request. For
311 example, if you wanted all image requests to be handled by a back-end
312 image server, you might do something like the following:</p>
315 RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]
318 <p>Use of the [P] flag implies [L] - that is, the request is immediatly
319 pushed through the proxy, and any following rules will not be
324 <section id="flag_pt"><title>PT|passthrough</title>
327 The target (or substitution string) in a RewriteRule is assumed to be a
328 file path, by default. The use of the [PT] flag causes it to be treated
329 as a URI instead. That is to say, the
330 use of the [PT] flag causes the result of the <directive
331 module="mod_rewrite">RewriteRule</directive> to be passed back through
332 URL mapping, so that location-based mappings, such as <directive
333 module="mod_alias">Alias</directive>, for example, might have a chance to take
338 If, for example, you have an
339 <directive module="mod_alias">Alias</directive>
340 for /icons, and have a <directive
341 module="mod_rewrite">RewriteRule</directive> pointing there, you should
342 use the [PT] flag to ensure that the
343 <directive module="mod_alias">Alias</directive> is evaluated.
347 Alias /icons /usr/local/apache/icons<br />
348 RewriteRule /pics/(.+)\.jpg /icons/$1.gif [PT]
352 Omission of the [PT] flag in this case will cause the Alias to be
353 ignored, resulting in a 'File not found' error being returned.
358 <section id="flag_qsa"><title>QSA|qsappend</title>
360 When the replacement URI contains a query string, the default behavior
361 of <directive module="mod_rewrite">RewriteRule</directive> is to discard
362 the existing query string, and replace it with the newly generated one.
363 Using the [QSA] flag causes the query strings to be combined.
366 <p>Consider the following rule:</p>
369 RewriteRule /pages/(.+) /page.php?page=$1 [QSA]
372 <p>With the [QSA] flag, a request for <code>/pages/123?one=two</code> will be
373 mapped to <code>/page.php?page=123&one=two</code>. Without the [QSA]
374 flag, that same request will be mapped to
375 <code>/page.php?page=123</code> - that is, the existing query string
380 <section id="flag_qsd"><title>QSD|qsdiscard</title>
382 When the requested URI contains a query string, and the target URI does
383 not, the default behavior of <directive
384 module="mod_rewrite">RewriteRule</directive> is to copy that query
385 string to the target URI. Using the [QSD] flag causes the query string
390 Using [QSD] and [QSA] together will result in [QSD] taking preference.
394 If the target URI has a query string, the default behavior will be
395 observed - that is, the original query string will be discarded and
396 replaced with the query string in the <code>RewriteRule</code> target
402 <section id="flag_r"><title>R|redirect</title>
404 Use of the [R] flag causes a HTTP redirect to be issued to the browser.
405 If a fully-qualified URL is specified (that is, including
406 <code>http://servername/</code>) then a redirect will be issued to that
407 location. Otherwise, the current servername will be used to generate the
408 URL sent with the redirect.
412 <em>Any</em> status code may be specified, that is a valid HTTP Response,
413 with a 302 status code being used by default if none is specified.
417 You will almost always want to use [R] in conjunction with [L] (that is,
418 use [R,L]) because on its own, the [R] flag prepends
419 <code>http://thishost[:thisport]</code> to the URI, but then passes this
420 on to the next rule in the ruleset, which can often result in 'Invalid
421 URI in request' warnings.
426 <section id="flag_s"><title>S|skip</title>
427 <p>The [S] flag is used to skip rules that you don't want to run. This
428 can be thought of as a <code>goto</code> statement in your rewrite
429 ruleset. In the following example, we only want to run the <directive
430 module="mod_rewrite">RewriteRule</directive> if the requested URI
431 doesn't correspond with an actual file.</p>
434 # Is the request for a non-existent file?<br />
435 RewriteCond %{REQUEST_FILENAME} !-f<br />
436 RewriteCond %{REQUEST_FILENAME} !-d<br />
437 # If so, skip these two RewriteRules<br />
438 RewriteRule .? - [S=2]<br />
440 RewriteRule (.*\.gif) images.php?$1<br />
441 RewriteRule (.*\.html) docs.php?$1
444 <p>This technique is useful because a <directive
445 module="mod_rewrite">RewriteCond</directive> only applies to the
446 <directive module="mod_rewrite">RewriteRule</directive> immediately
447 following it. Thus, if you want to make a <code>RewriteCond</code> apply
448 to several <code>RewriteRule</code>s, one possible technique is to
449 negate those conditions and use a [Skip] flag.</p>
453 <section id="flag_t"><title>T|type</title>
454 <p>Sets the MIME type with which the resulting response will be
455 sent. This has the same effect as the <directive
456 module="mod_mime">AddType</directive> directive.</p>
458 <p>For example, you might use the following technique to serve Perl
459 source code as plain text, if requested in a particular way:</p>
462 # Serve .pl files as plain text<br />
463 RewriteRule \.pl$ - [T=text/plain]
466 <p>Or, perhaps, if you have a camera that produces jpeg images without
467 file extensions, you could force those images to be served with the
468 correct MIME type by virtue of their file names:</p>
471 # Files with 'IMG' in the name are jpg images.<br />
472 RewriteRule IMG - [T=image/jpg]
475 <p>Please note that this is a trivial example, and could be better done
476 using <directive type="section" module="core">FilesMatch</directive>
477 instead. Always consider the alternate
478 solutions to a problem before resorting to rewrite, which will
479 invariably be a less efficient solution than the alternatives.</p>