-->
<manualpage metafile="flags.xml.meta">
-<parentdocument href="./index.html"/>
+<parentdocument href="./">Rewrite</parentdocument>
- <title>Apache mod_rewrite Flags</title>
+ <title>RewriteRule Flags</title>
<summary>
<p>This document discusses the flags which are available to the
<directive module="mod_rewrite">RewriteRule</directive> directive,
-providing more detailed explanations and examples of each.</p>
+providing detailed explanations and examples.</p>
</summary>
<seealso><a href="../mod/mod_rewrite.html">Module documentation</a></seealso>
-<seealso><a href="rewrite_tech.html">Technical details</a></seealso>
-<seealso><a href="rewrite_guide.html">Rewrite Guide - useful examples</a></seealso>
-<seealso><a href="rewrite_guide_advanced.html">Advanced Rewrite Guide -
-advanced useful examples</a></seealso>
+<seealso><a href="intro.html">mod_rewrite introduction</a></seealso>
+<seealso><a href="remapping.html">Redirection and remapping</a></seealso>
+<seealso><a href="access.html">Controlling access</a></seealso>
+<seealso><a href="vhosts.html">Virtual hosts</a></seealso>
+<seealso><a href="proxy.html">Proxying</a></seealso>
+<seealso><a href="rewritemap.html">Using RewriteMap</a></seealso>
+<seealso><a href="advanced.html">Advanced techniques</a></seealso>
+<seealso><a href="avoid.html">When not to use mod_rewrite</a></seealso>
<section id="introduction"><title>Introduction</title>
-<p><directive module="mod_rewrite">RewriteRule</directive>s can have
-their behavior modified by one or more flags. Flags are included in
+<p>A <directive module="mod_rewrite">RewriteRule</directive> can have
+its behavior modified by one or more flags. Flags are included in
square brackets at the end of the rule, and multiple flags are separated
by commas.</p>
-<example>
+<highlight language="config">
RewriteRule pattern target [Flag1,Flag2,Flag3]
-</example>
-
-<p>The flags all have a short form, such as <code>CO</code>, as well as
-a longer form, such as <code>cookie</code>. Some flags take one or more
-arguments. Flags are not case sensitive.</p>
-
-</section>
+</highlight>
-<section id="flags"><title>The flags</title>
-
-<p>Each flag has a long and short form. While it is most common to use
+<p>Each flag (with a few exceptions) has a short form, such as
+<code>CO</code>, as well as a longer form, such as <code>cookie</code>.
+While it is most common to use
the short form, it is recommended that you familiarize yourself with the
-long form, so that you remember what each flag is supposed to do.</p>
+long form, so that you remember what each flag is supposed to do.
+Some flags take one or more arguments. Flags are not case sensitive.</p>
+
+<p>Flags that alter metadata associated with the request (T=, H=, E=)
+have no affect in per-directory and htaccess context, when a substitution
+(other than '-') is performed during the same round of rewrite processing.
+</p>
<p>Presented here are each of the available flags, along with an example
of how you might use them.</p>
+</section>
+
+<section id="flag_b"><title>B (escape backreferences)</title>
+<p>The [B] flag instructs <directive
+module="mod_rewrite">RewriteRule</directive> to escape non-alphanumeric
+characters before applying the transformation.</p>
+<p>In 2.4.10 and later, you can limit the escaping to specific characters
+in backreferences by listing them: <code>[B=#?;]</code>. Note: The space
+character can be used in the list of characters to escape, but it cannot be
+the last character in the list.</p>
+
+<p><code>mod_rewrite</code> has to unescape URLs before mapping them,
+so backreferences are unescaped at the time they are applied.
+Using the B flag, non-alphanumeric characters in backreferences
+will be escaped. For example, consider the rule:</p>
+
+<highlight language="config">
+RewriteRule "^search/(.*)$" "/search.php?term=$1"
+</highlight>
+
+<p>Given a search term of 'x & y/z', a browser will encode it as
+'x%20%26%20y%2Fz', making the request 'search/x%20%26%20y%2Fz'. Without the B
+flag, this rewrite rule will map to 'search.php?term=x & y/z', which
+isn't a valid URL, and so would be encoded as
+<code>search.php?term=x%20&y%2Fz=</code>, which is not what was intended.</p>
+
+<p>With the B flag set on this same rule, the parameters are re-encoded
+before being passed on to the output URL, resulting in a correct mapping to
+<code>/search.php?term=x%20%26%20y%2Fz</code>.</p>
+
+<p>Note that you may also need to set <directive
+module="core">AllowEncodedSlashes</directive> to <code>On</code> to get this
+particular example to work, as httpd does not allow encoded slashes in URLs, and
+returns a 404 if it sees one.</p>
+
+<p>This escaping is particularly necessary in a proxy situation,
+when the backend may break if presented with an unescaped URL.</p>
+
+<p>An alternative to this flag is using a <directive module="mod_rewrite"
+>RewriteCond</directive> to capture against %{THE_REQUEST} which will capture
+strings in the encoded form.</p>
+</section>
+
+<section id="flag_bnp"><title>BNP|backrefnoplus (don't escape space to +)</title>
+<p>The [BNP] flag instructs <directive
+module="mod_rewrite">RewriteRule</directive> to escape the space character
+in a backreference to %20 rather than '+'. Useful when the backreference
+will be used in the path component rather than the query string.</p>
+</section>
<section id="flag_c"><title>C|chain</title>
<p>The [C] or [chain] flag indicates that the <directive
module="mod_rewrite">RewriteRule</directive> is chained to the next
rule. That is, if the rule matches, then it is processed as usual and
control moves on to the next rule. However, if it does not match, then
-the next rule, and any other rules that are chained together, will be
+the next rule, and any other rules that are chained together, are
skipped.</p>
</section>
<section id="flag_co"><title>CO|cookie</title>
<p>The [CO], or [cookie] flag, allows you to set a cookie when a
particular <directive module="mod_rewrite">RewriteRule</directive>
-matches. The argument consists of three required fields and two optional
+matches. The argument consists of three required fields and four optional
fields.</p>
-<p>You must declare a name and value for the cookie to be set, and the
-domain for which you wish the cookie to be valid. You may optionally set
-the lifetime of the cookie, and the path for which it should be
-returned.</p>
-<p>By default, the lifetime of the cookie is the current browser
-session.</p>
-<p>By default, the path for which the cookie will be valid is "/" - that
-is, the entire website.</p>
-<p>Several examples are offered here:</p>
+
+<p>The full syntax for the flag, including all attributes, is as
+follows:</p>
<example>
-RewriteEngine On<br />
-RewriteRule ^/index.html - [CO=frontdoor=yes:.apache.org:1440:/]
+[CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly]
</example>
-<p>This rule doesn't rewrite the request (the "-" rewrite target tells
-mod_rewrite to pass the request through unchanged) but sets a cookie
+<p>You must declare a name, a value, and a domain for the cookie to be set.</p>
+
+<dl>
+<dt>Domain</dt>
+<dd>The domain for which you want the cookie to be valid. This may be a
+hostname, such as <code>www.example.com</code>, or it may be a domain,
+such as <code>.example.com</code>. It must be at least two parts
+separated by a dot. That is, it may not be merely <code>.com</code> or
+<code>.net</code>. Cookies of that kind are forbidden by the cookie
+security model.</dd>
+</dl>
+
+<p>You may optionally also set the following values:</p>
+
+<dl>
+<dt>Lifetime</dt>
+<dd>The time for which the cookie will persist, in minutes.</dd>
+<dd>A value of 0 indicates that the cookie will persist only for the
+current browser session. This is the default value if none is
+specified.</dd>
+
+<dt>Path</dt>
+<dd>The path, on the current website, for which the cookie is valid,
+such as <code>/customers/</code> or <code>/files/download/</code>.</dd>
+<dd>By default, this is set to <code>/</code> - that is, the entire
+website.</dd>
+
+<dt>Secure</dt>
+<dd>If set to <code>secure</code>, <code>true</code>, or <code>1</code>,
+the cookie will only be permitted to be translated via secure (https)
+connections.</dd>
+
+<dt>httponly</dt>
+<dd>If set to <code>HttpOnly</code>, <code>true</code>, or
+<code>1</code>, the cookie will have the <code>HttpOnly</code> flag set,
+which means that the cookie is inaccessible to JavaScript code on
+browsers that support this feature.</dd>
+</dl>
+
+<p>Consider this example:</p>
+
+<highlight language="config">
+RewriteEngine On
+RewriteRule "^/index\.html" "-" [CO=frontdoor:yes:.example.com:1440:/]
+</highlight>
+
+<p>In the example give, the rule doesn't rewrite the request.
+The "-" rewrite target tells mod_rewrite to pass the request
+through unchanged. Instead, it sets a cookie
called 'frontdoor' to a value of 'yes'. The cookie is valid for any host
-in the <code>.apache.org</code> domain. It will be set to expire in 1440
-minutes (24 hours) and will be returned for all URIs.</p>
+in the <code>.example.com</code> domain. It is set to expire in 1440
+minutes (24 hours) and is returned for all URIs.</p>
</section>
+<section id="flag_dpi"><title>DPI|discardpath</title>
+<p>The DPI flag causes the PATH_INFO portion of the rewritten URI to be
+discarded.</p>
+<p>This flag is available in version 2.2.12 and later.</p>
+<p>In per-directory context, the URI each <directive>RewriteRule</directive>
+compares against is the concatenation of the current values of the URI
+and PATH_INFO.</p>
+
+<p>The current URI can be the initial URI as requested by the client, the
+result of a previous round of mod_rewrite processing, or the result of
+a prior rule in the current round of mod_rewrite processing.</p>
+
+<p>In contrast, the PATH_INFO that is appended to the URI before each
+rule reflects only the value of PATH_INFO before this round of
+mod_rewrite processing. As a consequence, if large portions
+of the URI are matched and copied into a substitution in multiple
+<directive>RewriteRule</directive> directives, without regard for
+which parts of the URI came from the current PATH_INFO, the final
+URI may have multiple copies of PATH_INFO appended to it.</p>
+
+<p>Use this flag on any substitution where the PATH_INFO that resulted
+from the previous mapping of this request to the filesystem is not of
+interest. This flag permanently forgets the PATH_INFO established
+before this round of mod_rewrite processing began. PATH_INFO will
+not be recalculated until the current round of mod_rewrite processing
+completes. Subsequent rules during this round of processing will see
+only the direct result of substitutions, without any PATH_INFO
+appended.</p>
+</section>
+
<section id="flag_e"><title>E|env</title>
<p>With the [E], or [env] flag, you can set the value of an environment
variable. Note that some environment variables may be set after the rule
Environment Variables document</a> for more details on how Environment
variables work.</p>
-<p>The following example sets an evironment variable called 'image' to a
+<p>The full syntax for this flag is:</p>
+
+<example>
+[E=VAR:VAL]
+[E=!VAR]
+</example>
+
+<p><code>VAL</code> may contain backreferences (<code>$N</code> or
+<code>%N</code>) which are expanded.</p>
+
+<p>Using the short form</p>
+
+<example>
+[E=VAR]
+</example>
+
+<p>you can set the environment variable named <code>VAR</code> to an
+empty value.</p>
+
+<p>The form</p>
+
+<example>
+[E=!VAR]
+</example>
+
+<p>allows to unset a previously set environment variable named
+<code>VAR</code>.</p>
+
+<p>Environment variables can then be used in a variety of
+contexts, including CGI programs, other RewriteRule directives, or
+CustomLog directives.</p>
+
+<p>The following example sets an environment variable called 'image' to a
value of '1' if the requested URI is an image file. Then, that
environment variable is used to exclude those requests from the access
log.</p>
-<example>
-RewriteRule \.(png|gif|jpg) - [E=image:1]<br />
-CustomLog logs/access_log combined env=!image
-</example>
+<highlight language="config">
+RewriteRule "\.(png|gif|jpg)$" "-" [E=image:1]
+CustomLog "logs/access_log" combined env=!image
+</highlight>
<p>Note that this same effect can be obtained using <directive
module="mod_setenvif">SetEnvIf</directive>. This technique is offered as
an example, not as a recommendation.</p>
</section>
+<section id="flag_end"><title>END</title>
+<p>Using the [END] flag terminates not only the current round of rewrite
+processing (like [L]) but also prevents any subsequent rewrite
+processing from occurring in per-directory (htaccess) context.</p>
+
+<p>This does not apply to new requests resulting from external
+redirects.</p>
+</section>
+
<section id="flag_f"><title>F|forbidden</title>
-<p>Using the [F] flag causes Apache to return a 403 Forbidden status
+<p>Using the [F] flag causes the server to return a 403 Forbidden status
code to the client. While the same behavior can be accomplished using
-the <directive module="mod_access">Deny</directive> directive, this
+the <directive module="mod_access_compat">Deny</directive> directive, this
allows more flexibility in assigning a Forbidden status.</p>
<p>The following rule will forbid <code>.exe</code> files from being
downloaded from your server.</p>
-<example>
-RewriteRule \.exe - [F]
-</example>
+<highlight language="config">
+RewriteRule "\.exe" "-" [F]
+</highlight>
+
+<p>This example uses the "-" syntax for the rewrite target, which means
+that the requested URI is not modified. There's no reason to rewrite to
+another URI, if you're going to forbid the request.</p>
-<p>This rule uses the "-" syntax for the rewrite target, which means
-that the requested URI is not modified.</p>
+<p>When using [F], an [L] is implied - that is, the response is returned
+immediately, and no further rules are evaluated.</p>
</section>
<section id="flag_g"><title>G|gone</title>
-<p>Gone flag</p>
+<p>The [G] flag forces the server to return a 410 Gone status with the
+response. This indicates that a resource used to be available, but is no
+longer available.</p>
+
+<p>As with the [F] flag, you will typically use the "-" syntax for the
+rewrite target when using the [G] flag:</p>
+
+<highlight language="config">
+RewriteRule "oldproduct" "-" [G,NC]
+</highlight>
+
+<p>When using [G], an [L] is implied - that is, the response is returned
+immediately, and no further rules are evaluated.</p>
+
</section>
<section id="flag_h"><title>H|handler</title>
-<p>Handler flag</p>
+<p>Forces the resulting request to be handled with the specified
+handler. For example, one might use this to force all files without a
+file extension to be parsed by the php handler:</p>
+
+<highlight language="config">
+RewriteRule "!\." "-" [H=application/x-httpd-php]
+</highlight>
+
+<p>
+The regular expression above - <code>!\.</code> - will match any request
+that does not contain the literal <code>.</code> character.
+</p>
+
+<p>This can be also used to force the handler based on some conditions.
+For example, the following snippet used in per-server context allows
+<code>.php</code> files to be <em>displayed</em> by <code>mod_php</code>
+if they are requested with the <code>.phps</code> extension:</p>
+
+<highlight language="config">
+RewriteRule "^(/source/.+\.php)s$" "$1" [H=application/x-httpd-php-source]
+</highlight>
+
+<p>The regular expression above - <code>^(/source/.+\.php)s$</code> - will
+match any request that starts with <code>/source/</code> followed by 1 or
+n characters followed by <code>.phps</code> literally. The backreference
+$1 referrers to the captured match within parenthesis of the regular
+expression.</p>
</section>
<section id="flag_l"><title>L|last</title>
-<p>Last flag</p>
+<p>The [L] flag causes <module>mod_rewrite</module> to stop processing
+the rule set. In most contexts, this means that if the rule matches, no
+further rules will be processed. This corresponds to the
+<code>last</code> command in Perl, or the <code>break</code> command in
+C. Use this flag to indicate that the current rule should be applied
+immediately without considering further rules.</p>
+
+<p>If you are using <directive
+module="mod_rewrite">RewriteRule</directive> in either
+<code>.htaccess</code> files or in
+<directive type="section" module="core">Directory</directive> sections,
+it is important to have some understanding of how the rules are
+processed. The simplified form of this is that once the rules have been
+processed, the rewritten request is handed back to the URL parsing
+engine to do what it may with it. It is possible that as the rewritten
+request is handled, the <code>.htaccess</code> file or
+<directive type="section" module="core">Directory</directive> section
+may be encountered again, and thus the ruleset may be run again from the
+start. Most commonly this will happen if one of the rules causes a
+redirect - either internal or external - causing the request process to
+start over.</p>
+
+<p>It is therefore important, if you are using <directive
+module="mod_rewrite">RewriteRule</directive> directives in one of these
+contexts, that you take explicit steps to avoid rules looping, and not
+count solely on the [L] flag to terminate execution of a series of
+rules, as shown below.</p>
+
+<p> An alternative flag, [END], can be used to terminate not only the
+current round of rewrite processing but prevent any subsequent
+rewrite processing from occurring in per-directory (htaccess)
+context. This does not apply to new requests resulting from external
+redirects.</p>
+
+<p>The example given here will rewrite any request to
+<code>index.php</code>, giving the original request as a query string
+argument to <code>index.php</code>, however, the <directive
+module="mod_rewrite">RewriteCond</directive> ensures that if the request
+is already for <code>index.php</code>, the <directive
+module="mod_rewrite">RewriteRule</directive> will be skipped.</p>
+
+<highlight language="config">
+RewriteBase "/"
+RewriteCond "%{REQUEST_URI}" !=/index.php
+RewriteRule "^(.*)" "/index.php?req=$1" [L,PT]
+</highlight>
</section>
<section id="flag_n"><title>N|next</title>
-<p>Next round flag</p>
+<p>
+The [N] flag causes the ruleset to start over again from the top, using
+the result of the ruleset so far as a starting point. Use
+with extreme caution, as it may result in loop.
+</p>
+<p>
+The [Next] flag could be used, for example, if you wished to replace a
+certain string or letter repeatedly in a request. The example shown here
+will replace A with B everywhere in a request, and will continue doing
+so until there are no more As to be replaced.
+</p>
+<highlight language="config">
+RewriteRule "(.*)A(.*)" "$1B$2" [N]
+</highlight>
+<p>You can think of this as a <code>while</code> loop: While this
+pattern still matches (i.e., while the URI still contains an
+<code>A</code>), perform this substitution (i.e., replace the
+<code>A</code> with a <code>B</code>).</p>
+
+<p>In 2.5.0 and later, this module returns an error after 10,000 iterations to
+protect against unintended looping. An alternative maximum number of
+iterations can be specified by adding to the N flag. </p>
+<highlight language="config">
+# Be willing to replace 1 character in each pass of the loop
+RewriteRule "(.+)[><;]$" "$1" [N=32000]
+# ... or, give up if after 10 loops
+RewriteRule "(.+)[><;]$" "$1" [N=10]
+</highlight>
+
</section>
<section id="flag_nc"><title>NC|nocase</title>
<code>.jpg</code> and <code>.JPG</code> files are both acceptable, for
example.</p>
-<example>
-RewriteRule (.*\.(jpg|gif|png))$ http://images.example.com$1 [P,NC]
-</example>
+<highlight language="config">
+RewriteRule "(.*\.(jpg|gif|png))$" "http://images.example.com$1" [P,NC]
+</highlight>
</section>
<section id="flag_ne"><title>NE|noescape</title>
-<p>No escape flag</p>
+<p>By default, special characters, such as <code>&</code> and
+<code>?</code>, for example, will be converted to their hexcode
+equivalent. Using the [NE] flag prevents that from happening.
+</p>
+
+<highlight language="config">
+RewriteRule "^/anchor/(.+)" "/bigpage.html#$1" [NE,R]
+</highlight>
+
+<p>
+The above example will redirect <code>/anchor/xyz</code> to
+<code>/bigpage.html#xyz</code>. Omitting the [NE] will result in the #
+being converted to its hexcode equivalent, <code>%23</code>, which will
+then result in a 404 Not Found error condition.
+</p>
+
</section>
<section id="flag_ns"><title>NS|nosubreq</title>
-<p>No internal subrequest flag</p>
+<p>Use of the [NS] flag prevents the rule from being used on
+subrequests. For example, a page which is included using an SSI (Server
+Side Include) is a subrequest, and you may want to avoid rewrites
+happening on those subrequests. Also, when <module>mod_dir</module>
+tries to find out information about possible directory default files
+(such as <code>index.html</code> files), this is an internal
+subrequest, and you often want to avoid rewrites on such subrequests.
+On subrequests, it is not always useful, and can even cause errors, if
+the complete set of rules are applied. Use this flag to exclude
+problematic rules.</p>
+
+<p>To decide whether or not to use this rule: if you prefix URLs with
+CGI-scripts, to force them to be processed by the CGI-script, it's
+likely that you will run into problems (or significant overhead)
+on sub-requests. In these cases, use this flag.</p>
+
+<p>
+Images, javascript files, or css files, loaded as part of an HTML page,
+are not subrequests - the browser requests them as separate HTTP
+requests.
+</p>
</section>
<section id="flag_p"><title>P|proxy</title>
-<p>Proxy flag</p>
+<p>Use of the [P] flag causes the request to be handled by
+<module>mod_proxy</module>, and handled via a proxy request. For
+example, if you wanted all image requests to be handled by a back-end
+image server, you might do something like the following:</p>
+
+<highlight language="config">
+RewriteRule "/(.*)\.(jpg|gif|png)$" "http://images.example.com/$1.$2" [P]
+</highlight>
+
+<p>Use of the [P] flag implies [L] - that is, the request is immediately
+pushed through the proxy, and any following rules will not be
+considered.</p>
+
+<p>
+You must make sure that the substitution string is a valid URI
+(typically starting with <code>http://</code><em>hostname</em>) which can be
+handled by the <module>mod_proxy</module>. If not, you will get an
+error from the proxy module. Use this flag to achieve a
+more powerful implementation of the <directive
+module="mod_proxy">ProxyPass</directive> directive,
+to map remote content into the namespace of the local server.</p>
+
+<note type="warning">
+<title>Security Warning</title>
+<p>Take care when constructing the target URL of the rule, considering
+the security impact from allowing the client influence over the set of
+URLs to which your server will act as a proxy. Ensure that the scheme
+and hostname part of the URL is either fixed, or does not allow the
+client undue influence.</p>
+</note>
+
+<note type="warning">
+<title>Performance warning</title>
+<p>Using this flag triggers the use of <module>mod_proxy</module>, without handling of persistent connections. This
+means the performance of your proxy will be better if you set it up with <directive module="mod_proxy">ProxyPass</directive> or
+<directive module="mod_proxy">ProxyPassMatch</directive></p>
+<p>This is because this flag triggers the use of the default worker, which does not handle connection pooling.</p>
+<p>Avoid using this flag and prefer those directives, whenever you can.</p>
+</note>
+
+<p>Note: <module>mod_proxy</module> must be enabled in order
+to use this flag.</p>
+
</section>
<section id="flag_pt"><title>PT|passthrough</title>
-<p>Passthrough flag</p>
+
+<p>
+The target (or substitution string) in a RewriteRule is assumed to be a
+file path, by default. The use of the [PT] flag causes it to be treated
+as a URI instead. That is to say, the
+use of the [PT] flag causes the result of the <directive
+module="mod_rewrite">RewriteRule</directive> to be passed back through
+URL mapping, so that location-based mappings, such as <directive
+module="mod_alias">Alias</directive>, <directive
+module="mod_alias">Redirect</directive>, or <directive
+module="mod_alias">ScriptAlias</directive>, for example, might have a
+chance to take effect.
+</p>
+
+<p>
+If, for example, you have an
+<directive module="mod_alias">Alias</directive>
+for /icons, and have a <directive
+module="mod_rewrite">RewriteRule</directive> pointing there, you should
+use the [PT] flag to ensure that the
+<directive module="mod_alias">Alias</directive> is evaluated.
+</p>
+
+<highlight language="config">
+Alias "/icons" "/usr/local/apache/icons"
+RewriteRule "/pics/(.+)\.jpg$" "/icons/$1.gif" [PT]
+</highlight>
+
+<p>
+Omission of the [PT] flag in this case will cause the Alias to be
+ignored, resulting in a 'File not found' error being returned.
+</p>
+
+<p>The <code>PT</code> flag implies the <code>L</code> flag:
+rewriting will be stopped in order to pass the request to
+the next phase of processing.</p>
+
+<p>Note that the <code>PT</code> flag is implied in per-directory
+contexts such as
+<directive type="section" module="core">Directory</directive> sections
+or in <code>.htaccess</code> files. The only way to circumvent that
+is to rewrite to <code>-</code>.</p>
+
</section>
<section id="flag_qsa"><title>QSA|qsappend</title>
-<p>Query String Append flag</p>
+<p>
+When the replacement URI contains a query string, the default behavior
+of <directive module="mod_rewrite">RewriteRule</directive> is to discard
+the existing query string, and replace it with the newly generated one.
+Using the [QSA] flag causes the query strings to be combined.
+</p>
+
+<p>Consider the following rule:</p>
+
+<highlight language="config">
+RewriteRule "/pages/(.+)" "/page.php?page=$1" [QSA]
+</highlight>
+
+<p>With the [QSA] flag, a request for <code>/pages/123?one=two</code> will be
+mapped to <code>/page.php?page=123&one=two</code>. Without the [QSA]
+flag, that same request will be mapped to
+<code>/page.php?page=123</code> - that is, the existing query string
+will be discarded.
+</p>
+</section>
+
+<section id="flag_qsd"><title>QSD|qsdiscard</title>
+<p>
+When the requested URI contains a query string, and the target URI does
+not, the default behavior of <directive
+module="mod_rewrite">RewriteRule</directive> is to copy that query
+string to the target URI. Using the [QSD] flag causes the query string
+to be discarded.
+</p>
+
+<p>This flag is available in version 2.4.0 and later.</p>
+
+<p>
+Using [QSD] and [QSA] together will result in [QSD] taking precedence.
+</p>
+
+<p>
+If the target URI has a query string, the default behavior will be
+observed - that is, the original query string will be discarded and
+replaced with the query string in the <code>RewriteRule</code> target
+URI.
+</p>
+
</section>
<section id="flag_r"><title>R|redirect</title>
-<p>Redirect flag</p>
+<p>
+Use of the [R] flag causes a HTTP redirect to be issued to the browser.
+If a fully-qualified URL is specified (that is, including
+<code>http://servername/</code>) then a redirect will be issued to that
+location. Otherwise, the current protocol, servername, and port number
+will be used to generate the URL sent with the redirect.
+</p>
+
+<p>
+<em>Any</em> valid HTTP response status code may be specified,
+using the syntax [R=305], with a 302 status code being used by
+default if none is specified. The status code specified need not
+necessarily be a redirect (3xx) status code. However,
+if a status code is outside the redirect range (300-399) then the
+substitution string is dropped entirely, and rewriting is stopped as if
+the <code>L</code> were used.</p>
+
+<p>In addition to response status codes, you may also specify redirect
+status using their symbolic names: <code>temp</code> (default),
+<code>permanent</code>, or <code>seeother</code>.</p>
+
+<p>
+You will almost always want to use [R] in conjunction with [L] (that is,
+use [R,L]) because on its own, the [R] flag prepends
+<code>http://thishost[:thisport]</code> to the URI, but then passes this
+on to the next rule in the ruleset, which can often result in 'Invalid
+URI in request' warnings.
+</p>
+
</section>
<section id="flag_s"><title>S|skip</title>
-<p>The [S] flag is used to skip rules that you don't want to run. This
-can be thought of as a <code>goto</code> statement in your rewrite
-ruleset. In the following example, we only want to run the <directive
-module="mod_rewrite">RewriteRule</directive> if the requested URI
-doesn't correspond with an actual file.</p>
-
-<example>
-RewriteCond %{REQUEST_FILENAME} !-f<br />
-RewriteCond %{REQUEST_FILENAME} !-d<br />
-RewriteRule .? - [S=2]<br />
-<br />
-RewriteRule (.*\.gif) images.php?$1<br />
-RewriteRule (.*\.html) docs.php?$1
-</example>
+<p>The [S] flag is used to skip rules that you don't want to run. The
+syntax of the skip flag is [S=<em>N</em>], where <em>N</em> signifies
+the number of rules to skip (provided the <directive module="mod_rewrite">
+RewriteRule</directive> and any preceding <directive module="mod_rewrite">
+RewriteCond</directive> directives match). This can be thought of as a
+<code>goto</code> statement in your rewrite ruleset. In the following
+example, we only want to run the <directive module="mod_rewrite">
+RewriteRule</directive> if the requested URI doesn't correspond with an
+actual file.</p>
+
+<highlight language="config">
+# Is the request for a non-existent file?
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
+# If so, skip these two RewriteRules
+RewriteRule ".?" "-" [S=2]
+
+RewriteRule "(.*\.gif)" "images.php?$1"
+RewriteRule "(.*\.html)" "docs.php?$1"
+</highlight>
<p>This technique is useful because a <directive
module="mod_rewrite">RewriteCond</directive> only applies to the
<directive module="mod_rewrite">RewriteRule</directive> immediately
following it. Thus, if you want to make a <code>RewriteCond</code> apply
to several <code>RewriteRule</code>s, one possible technique is to
-negate those conditions and use a [Skip] flag.</p>
+negate those conditions and add a <code>RewriteRule</code> with a [Skip] flag. You can
+use this to make pseudo if-then-else constructs: The last rule of
+the then-clause becomes <code>skip=N</code>, where N is the
+number of rules in the else-clause:</p>
+<highlight language="config">
+# Does the file exist?
+RewriteCond "%{REQUEST_FILENAME}" !-f
+RewriteCond "%{REQUEST_FILENAME}" !-d
+# Create an if-then-else construct by skipping 3 lines if we meant to go to the "else" stanza.
+RewriteRule ".?" "-" [S=3]
+
+# IF the file exists, then:
+ RewriteRule "(.*\.gif)" "images.php?$1"
+ RewriteRule "(.*\.html)" "docs.php?$1"
+ # Skip past the "else" stanza.
+ RewriteRule ".?" "-" [S=1]
+# ELSE...
+ RewriteRule "(.*)" "404.php?file=$1"
+# END
+</highlight>
+
+<p>It is probably easier to accomplish this kind of configuration using
+the <directive type="section">If</directive>, <directive
+type="section">ElseIf</directive>, and <directive
+type="section">Else</directive> directives instead.</p>
</section>
<p>For example, you might use the following technique to serve Perl
source code as plain text, if requested in a particular way:</p>
-<example>
-# Files with 'IMG' in the name are gif images.
-RewriteRule IMG - [T=image/gif]
-</example>
+<highlight language="config">
+# Serve .pl files as plain text
+RewriteRule "\.pl$" "-" [T=text/plain]
+</highlight>
+
+<p>Or, perhaps, if you have a camera that produces jpeg images without
+file extensions, you could force those images to be served with the
+correct MIME type by virtue of their file names:</p>
+
+<highlight language="config">
+# Files with 'IMG' in the name are jpg images.
+RewriteRule "IMG" "-" [T=image/jpg]
+</highlight>
<p>Please note that this is a trivial example, and could be better done
-using <FilesMatch> instead. Always consider the alternate
+using <directive type="section" module="core">FilesMatch</directive>
+instead. Always consider the alternate
solutions to a problem before resorting to rewrite, which will
invariably be a less efficient solution than the alternatives.</p>
-</section>
+
+<p>
+If used in per-directory context, use only <code>-</code> (dash)
+as the substitution <em>for the entire round of mod_rewrite processing</em>,
+otherwise the MIME-type set with this flag is lost due to an internal
+re-processing (including subsequent rounds of mod_rewrite processing).
+The <code>L</code> flag can be useful in this context to end the
+<em>current</em> round of mod_rewrite processing.</p>
</section>
-</manualpage>
+</manualpage>
projects / apache / blobdiff