This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
-<title>Expressions in Apache HTTP Server - Apache HTTP Server</title>
+<title>Expressions in Apache HTTP Server - Apache HTTP Server Version 2.5</title>
<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
-<script src="./style/scripts/prettify.js" type="text/javascript">
+<script src="./style/scripts/prettify.min.js" type="text/javascript">
</script>
<link href="./images/favicon.ico" rel="shortcut icon" /></head>
<a href="./fr/expr.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
</div>
- <p>Historically, there are several syntax variants for expressions used to express
- a condition in the different modules of the Apache HTTP Server.
- There is some ongoing effort to only use a single variant, called <em>ap_expr</em>,
- for all configuration directives.
- This document describes the <em>ap_expr</em> expression parser.
+ <p>Historically, there are several syntax variants for expressions
+ used to express a condition in the different modules of the Apache
+ HTTP Server. There is some ongoing effort to only use a single
+ variant, called <em>ap_expr</em>, for all configuration directives.
+ This document describes the <em>ap_expr</em> expression parser.
</p>
<p>The <em>ap_expr</em> expression is intended to replace most other
- expression variants in HTTPD. For example, the deprecated
- <code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code> expressions can be
- replaced by <a href="mod/mod_authz_core.html#reqexpr">Require expr</a>.
- </p>
+ expression variants in HTTPD. For example, the deprecated <code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code> expressions can be replaced
+ by <a href="mod/mod_authz_core.html#reqexpr">Require expr</a>. </p>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#grammar">Grammar in Backus-Naur Form notation</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#vars">Variables</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#other">Other</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#sslrequire">Comparison with SSLRequire</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#compatibility">Version History</a></li>
-</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="./mod/core.html#if"><If></a></code></li><li><code class="directive"><a href="./mod/core.html#elseif"><ElseIf></a></code></li><li><code class="directive"><a href="./mod/core.html#else"><Else></a></code></li><li><code class="directive"><a href="./mod/mod_auth_basic.html#authbasicfake">AuthBasicFake</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformlogoutlocation">AuthFormLogoutLocation</a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#requestheader">RequestHeader</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><a href="mod/mod_authz_core.html#reqexpr">Require expr</a></li><li><a href="mod/mod_authnz_ldap.html#requser">Require ldap-user</a></li><li><a href="mod/mod_authnz_ldap.html#reqgroup">Require ldap-group</a></li><li><a href="mod/mod_authnz_ldap.html#reqdn">Require ldap-dn</a></li><li><a href="mod/mod_authnz_ldap.html#reqattribute">Require ldap-attribute</a></li><li><a href="mod/mod_authnz_ldap.html#reqfilter">Require ldap-filter</a></li><li><a href="mod/mod_authz_dbd.html#reqgroup">Require dbd-group</a></li><li><a href="mod/mod_authz_dbm.html#reqgroup">Require dbm-group</a></li><li><a href="mod/mod_authz_groupfile.html#reqgroup">Require group</a></li><li><a href="mod/mod_authz_host.html#reqhost">Require host</a></li><li><code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code></li><li><code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li></ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="./mod/core.html#if"><If></a></code></li><li><code class="directive"><a href="./mod/core.html#elseif"><ElseIf></a></code></li><li><code class="directive"><a href="./mod/core.html#else"><Else></a></code></li><li><code class="directive"><a href="./mod/mod_auth_basic.html#authbasicfake">AuthBasicFake</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code></li><li><code class="directive"><a href="./mod/mod_auth_form.html#authformlogoutlocation">AuthFormLogoutLocation</a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#requestheader">RequestHeader</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><a href="mod/mod_authz_core.html#reqexpr">Require expr</a></li><li><a href="mod/mod_authnz_ldap.html#requser">Require ldap-user</a></li><li><a href="mod/mod_authnz_ldap.html#reqgroup">Require ldap-group</a></li><li><a href="mod/mod_authnz_ldap.html#reqdn">Require ldap-dn</a></li><li><a href="mod/mod_authnz_ldap.html#reqattribute">Require ldap-attribute</a></li><li><a href="mod/mod_authnz_ldap.html#reqfilter">Require ldap-filter</a></li><li><a href="mod/mod_auth
nz_ldap.html#reqsearch">Require ldap-search</a></li><li><a href="mod/mod_authz_dbd.html#reqgroup">Require dbd-group</a></li><li><a href="mod/mod_authz_dbm.html#reqgroup">Require dbm-group</a></li><li><a href="mod/mod_authz_groupfile.html#reqgroup">Require group</a></li><li><a href="mod/mod_authz_host.html#reqhost">Require host</a></li><li><code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code></li><li><code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li></ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="grammar" id="grammar">Grammar in Backus-Naur Form notation</a></h2>
- <p><a href="http://en.wikipedia.org/wiki/Backus%E2%80%93Naur_Form">Backus-Naur Form</a> (BNF) is a notation
- technique for context-free grammars, often used to describe the syntax of languages used in computing.
+ <p><a href="http://en.wikipedia.org/wiki/Backus%E2%80%93Naur_Form">Backus-Naur
+ Form</a> (BNF) is a notation technique for context-free grammars,
+ often used to describe the syntax of languages used in computing.
In most cases, expressions are used to express boolean values.
- For these, the starting point in the BNF is <code>expr</code>. However, a few directives
- like <code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code> accept expressions
- that evaluate to a string value. For those, the starting point in the BNF is <code>string</code>.
+ For these, the starting point in the BNF is <code>expr</code>.
+ However, a few directives like <code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code> accept expressions
+ that evaluate to a string value. For those, the starting point in
+ the BNF is <code>string</code>.
</p>
<blockquote>
-<pre>
-expr ::= "<strong>true</strong>" | "<strong>false</strong>"
+<pre>expr ::= "<strong>true</strong>" | "<strong>false</strong>"
| "<strong>!</strong>" expr
| expr "<strong>&&</strong>" expr
| expr "<strong>||</strong>" expr
rebackref ::= "<strong>$</strong>" [0-9]
-function ::= funcname "<strong>(</strong>" word "<strong>)</strong>"
+function ::= funcname "<strong>(</strong>" wordlist "<strong>)</strong>"
-listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
-</pre>
+listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pre>
</blockquote>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<table class="bordered"><tr class="header"><th>Name</th></tr>
<tr><td><code>HTTP_ACCEPT</code></td></tr>
-<tr class="odd"><td><code>HTTP_FORWARDED</code></td></tr>
-<tr><td><code>HTTP_HOST</code></td></tr>
-<tr class="odd"><td><code>HTTP_PROXY_CONNECTION</code></td></tr>
-<tr><td><code>HTTP_REFERER</code></td></tr>
-<tr class="odd"><td><code>HTTP_USER_AGENT</code></td></tr>
+<tr class="odd"><td><code>HTTP_COOKIE</code></td></tr>
+<tr><td><code>HTTP_FORWARDED</code></td></tr>
+<tr class="odd"><td><code>HTTP_HOST</code></td></tr>
+<tr><td><code>HTTP_PROXY_CONNECTION</code></td></tr>
+<tr class="odd"><td><code>HTTP_REFERER</code></td></tr>
+<tr><td><code>HTTP_USER_AGENT</code></td></tr>
</table>
<p>Other request related variables</p>
<tr><td><code>REQUEST_URI</code></td>
<td>The path part of the request's URI</td></tr>
<tr class="odd"><td><code>DOCUMENT_URI</code></td>
- <td>Same as REQUEST_URI</td></tr>
+ <td>Same as <code>REQUEST_URI</code></td></tr>
<tr><td><code>REQUEST_FILENAME</code></td>
<td>The full local filesystem path to the file or script matching the
request, if this has already been determined by the server at the
<tr><td><code>REMOTE_HOST</code></td>
<td>The host name of the remote host</td></tr>
<tr class="odd"><td><code>REMOTE_USER</code></td>
- <td>The name of the authenticated user (if any)</td></tr>
+ <td>The name of the authenticated user, if any (not available during <code class="directive"><If></code>)</td></tr>
<tr><td><code>REMOTE_IDENT</code></td>
<td>The user name set by <code class="module"><a href="./mod/mod_ident.html">mod_ident</a></code></td></tr>
<tr class="odd"><td><code>SERVER_NAME</code></td>
<td>The <code class="directive"><a href="./mod/core.html#documentroot">DocumentRoot</a></code> of
the current vhost</td></tr>
<tr class="odd"><td><code>AUTH_TYPE</code></td>
- <td>The configured <code class="directive"><a href="./mod/mod_authn_core.html#authtype">AuthType</a></code>
- (e.g. "<code>basic</code>")</td></tr>
+ <td>The configured <code class="directive"><a href="./mod/mod_authn_core.html#authtype">AuthType</a></code> (e.g.
+ "<code>basic</code>")</td></tr>
<tr><td><code>CONTENT_TYPE</code></td>
- <td>The content type of the response</td></tr>
+ <td>The content type of the response (not available during <code class="directive"><If></code>)</td></tr>
<tr class="odd"><td><code>HANDLER</code></td>
<td>The name of the <a href="handler.html">handler</a> creating
the response</td></tr>
<td>"<code>on</code>" if the connection uses IPv6,
"<code>off</code>" otherwise</td></tr>
<tr><td><code>REQUEST_STATUS</code></td>
- <td>The HTTP error status of the request</td></tr>
+ <td>The HTTP error status of the request (not available during <code class="directive"><If></code>)</td></tr>
<tr class="odd"><td><code>REQUEST_LOG_ID</code></td>
<td>The error log id of the request (see
<code class="directive"><a href="./mod/core.html#errorlogformat">ErrorLogFormat</a></code>)</td></tr>
<tr class="odd"><td><code>CONN_REMOTE_ADDR</code></td>
<td>The peer IP address of the connection (see the
<code class="module"><a href="./mod/mod_remoteip.html">mod_remoteip</a></code> module)</td></tr>
+<tr><td><code>CONTEXT_PREFIX</code></td>
+ <td /></tr>
+<tr class="odd"><td><code>CONTEXT_DOCUMENT_ROOT</code></td>
+ <td /></tr>
</table>
<p>Misc variables</p>
<td>The day of the week (starting with <code>0</code>
for Sunday)</td></tr>
<tr class="odd"><td><code>TIME</code></td>
- <td>The date and time in the format <code>20101231235959</code></td></tr>
+ <td>The date and time in the format
+ <code>20101231235959</code></td></tr>
<tr><td><code>SERVER_SOFTWARE</code></td>
<td>The server version string</td></tr>
<tr class="odd"><td><code>API_VERSION</code></td>
<td>The date of the API version (module magic number)</td></tr>
</table>
- <p>Some modules register additional variables, see e.g. <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>.</p>
+ <p>Some modules register additional variables, see e.g.
+ <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<tr class="odd"><td><code>>=</code></td>
<td />
<td>String greater than or equal</td></tr>
+<tr><td><code>=~</code></td>
+ <td />
+ <td>String matches the regular expression</td></tr>
+<tr class="odd"><td><code>!~</code></td>
+ <td />
+ <td>String does not match the regular expression</td></tr>
<tr><td><code>-eq</code></td>
<td><code>eq</code></td>
<td>Integer equality</td></tr>
"<code>false</code>", or "<code>no</code>" (case insensitive).
True otherwise.</td><td /></tr>
<tr><td><code>-R</code></td>
- <td>Same as "<code>%{REMOTE_ADDR} -ipmatch ...</code>", but more efficient
+ <td>Same as "<code>%{REMOTE_ADDR} -ipmatch ...</code>", but more
+ efficient
</td><td /></tr>
</table>
<td>Same as <code>req</code>, but header names will not be added to the
Vary header</td><td /></tr>
<tr><td><code>resp</code></td>
- <td>Get HTTP response header</td><td /></tr>
+ <td>Get HTTP response header (most response headers will not yet be set during <code class="directive"><If></code>)</td><td /></tr>
<tr class="odd"><td><code>reqenv</code></td>
- <td>Lookup request environment variable (as a shortcut, <code>v</code> can be used too to access variables).</td><td /></tr>
+ <td>Lookup request environment variable (as a shortcut,
+ <code>v</code> can be used too to access
+ variables).</td><td /></tr>
<tr><td><code>osenv</code></td>
<td>Lookup operating system environment variable</td><td /></tr>
<tr class="odd"><td><code>note</code></td>
<td>Hash the string using SHA1, then encode the hash with hexadecimal
encoding</td><td /></tr>
<tr class="odd"><td><code>file</code></td>
- <td>Read contents from a file</td><td>yes</td></tr>
+ <td>Read contents from a file (including line endings, when present)
+ </td><td>yes</td></tr>
<tr><td><code>filesize</code></td>
<td>Return size of a file (or 0 if file does not exist or is not
regular file)</td><td>yes</td></tr>
+<tr class="odd"><td><code>ldap</code></td>
+ <td>Escape characters as required by LDAP distinguished name escaping
+ (RFC4514) and LDAP filter escaping (RFC4515).</td><td /></tr>
+<tr><td><code>replace</code></td>
+ <td>replace(string, "from", "to") replaces all occurences of "from"
+ in the string with "to".</td><td /></tr>
</table>
<p>The functions marked as "restricted" are not available in some modules
the expression. The <code>req_novary</code> function can be used to
prevent names from being added to the Vary header.</p>
- <p>In addition to string-valued functions, there are also list-valued functions which
- take one string as argument and return a wordlist, i.e. a list of strings. The wordlist
- can be used with the special <code>-in</code> operator.
- Functions names are not case sensitive.
- Modules may register additional functions.</p>
+ <p>In addition to string-valued functions, there are also
+ list-valued functions which take one string as argument and return a
+ wordlist, i.e. a list of strings. The wordlist can be used with the
+ special <code>-in</code> operator. Functions names are not case
+ sensitive. Modules may register additional functions.</p>
<p>There are no built-in list-valued functions. <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>
provides <code>PeerExtList</code>. See the description of
<h2><a name="examples" id="examples">Example expressions</a></h2>
- <p>The following examples show how expressions might be used to evaluate requests:</p>
+ <p>The following examples show how expressions might be used to
+ evaluate requests:</p>
+
- <pre class="prettyprint lang-config">
-# Compare the host name to example.com and redirect to www.example.com if it matches
+ <pre class="prettyprint lang-config"># Compare the host name to example.com and redirect to www.example.com if it matches
<If "%{HTTP_HOST} == 'example.com'">
Redirect permanent / http://www.example.com/
</If>
# Only allow access to this content during business hours
<Directory "/foo/bar/business">
- Require expr "%{TIME_HOUR} -gt 9 && %{TIME_HOUR} -lt 17"
+ Require expr %{TIME_HOUR} -gt 9 && %{TIME_HOUR} -lt 17
</Directory>
- </pre>
+
+# Check a HTTP header for a list of values
+<If "%{HTTP:X-example-header} in { 'foo', 'bar', 'baz' }">
+ Header set matched true
+</If>
+
+# Check an environment variable for a regular expression, negated.
+<If "! reqenv('REDIRECT_FOO') =~ /bar/">
+ Header set matched true
+</If>
+
+# Check result of URI mapping by running in Directory context with -f
+<Directory /var/www>
+ AddEncoding x-gzip gz
+<If "-f '%{REQUEST_FILENAME}.unzipme' && ! %{HTTP:Accept-Encoding} =~ /gzip/">
+ SetOutputFilter INFLATE
+</If>
+</Directory>
+
+# Function examples in boolean context
+<If "md5('foo') == 'acbd18db4cc2f85cedef654fccc4a4d8'">
+ Header set checksum-matched true
+</If>
+<If "md5('foo') == replace('md5:XXXd18db4cc2f85cedef654fccc4a4d8', 'md5:XXX', 'acb')>
+ Header set checksum-matched-2 true
+</If>
+
+# Function example in string context
+Header set foo-checksum "expr=%{md5:foo}"</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<table class="bordered"><tr class="header"><th>Name</th><th>Alternative</th> <th>Description</th></tr>
<tr><td><code>-in</code></td>
<td><code>in</code></td>
- <td>string contained in string list</td></tr>
+ <td>string contained in wordlist</td></tr>
<tr class="odd"><td><code>/regexp/</code></td>
<td><code>m#regexp#</code></td>
- <td>Regular expression (the second form allows different delimiters than /)</td></tr>
+ <td>Regular expression (the second form allows different
+ delimiters than /)</td></tr>
<tr><td><code>/regexp/i</code></td>
<td><code>m#regexp#i</code></td>
<td>Case insensitive regular expression</td></tr>
}
})(window, document);
//--><!]]></script></div><div id="footer">
-<p class="apache">Copyright 201
3 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+<p class="apache">Copyright 201
4 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><
projects / apache / blobdiff