Changing a set-cookie header using mod_rewrite/mod_proxy

Posted by olrehm on Server Fault See other posts from Server Fault or by olrehm
Published on 2012-07-09T08:42:27Z Indexed on 2012/07/09 9:17 UTC
Read the original article Hit count: 339

Filed under:

apache2

|

mod-rewrite

|

mod-proxy

|

cookie

I have a bunch of cgi scripts, which are served using HTTPS. They can only be reached on the intranet, not from the outside. They set a cookie with the attribute 'Secure', so that it can only be send via HTTPS. There is also a reverse proxy to one of these scripts, unfortunately using plain HTTP. When a response comes in from my cgi-script with a secure cookie, it is not being passed on via HTTP (after all, that is what that attribute is for). I need however, an exception to this rule.

Is it possible to use mod_rewrite/mod_proxy or something similar, to change the set-cookie header in the response coming from my cgi script and remove the Secure, such that the cookie can be passed back to the user using the unsafe HTTP connection? I understand that this defeats the purpose of the Secure in the first place, but I need this as a temporary work around.

I have searched the web and found how to add a set-cookie header using mod_rewrite, and I have also found how to retrieve the value of a cookie coming from the client in a cookie header. What I have not yet found is how to extract the set-cookie header received in the response of a script I am proxying for. Is that possible? How would I do that?

Ole

© Server Fault or respective owner

Related posts about apache2

apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I recently upgraded Ubuntu to the latest LTS edition on my work laptop, which I use as a LAMP development platform. The upgrade was from 12.4 to 14.4. Now I'm having trouble getting apache up and running again. Here is the output from an attempt: antonc@antonc-laptop:/etc/apache2$ sudo service apache2… >>> More
Apache segfault glibc segfault

as seen on Server Fault - Search for 'Server Fault'
I keep getting (about every 5-6 hours) this segfault in apache: [Tue Jun 26 12:43:10 2012] [notice] child pid 26810 exit signal Aborted (6) *** glibc detected *** /usr/sbin/apache2: free(): invalid pointer: 0xb68c2628 *** ======= Backtrace: ========= /lib/i386-linux-gnu/libc.so.6(+0x6ff22)[0xb75aef22] /lib/i386-linux-gnu/libc… >>> More
Localhost not working after installing PHP on Mountain Lion

as seen on Server Fault - Search for 'Server Fault'
I've installed php using brew install php54 --with-mysql, I've set up all the path correctly. which php will give me /usr/local/bin/php php -v will give me PHP 5.4.8 (cli) (built: Nov 20 2012 09:29:31) php --ini will give me: Configuration File (php.ini) Path: /usr/local/etc/php/5.4 Loaded Configuration… >>> More
Apache 2 Virtual Hosts no working on OSX 10.6

as seen on Server Fault - Search for 'Server Fault'
This is my first MacBook and I'm trying to get virtual hosts up and running so as it's going to be my dev machine. I've got apache/php/mysql running fine, the problem is that what ever address I go to I just get one of the virtual hosts I've setup. I can't even get to the root site anymore. I had… >>> More
apache2 error Could not open configuration file /etc/apache2/conf.d/: No such file or directory

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have just upgraded my Ubuntu 13.10 and apache2 is not working. When I try to start the apache2 server it is printing following errors: * Starting web server apache2 * The apache2 configtest failed. Output of config test was: apache2: Syntax error on line 263 of /etc/apache2/apache2.conf: Could… >>> More

Related posts about mod-rewrite

Why won't this Apache modrewrite RewriteRule work?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to get Apache mod rewrite to work on my local machine. I'm running OSX with PHP 5 and the Apache mod rewrite module is enabled. I have a directory called localhost/~Jason/hfh/admin with various PHP includes called based on a $_GET variable. I want to let users type (in theory) localhost/~Jason/hfh/admin/pages and… >>> More
Mod Rewrite Help - Pseudo-Subdirectories

as seen on Server Fault - Search for 'Server Fault'
I am dealing with a frustrating problem with Joomla that is going to require some url trickery. The idea is straight-forward but after reading a bunch of guides for mod-rewrite, I still can't seem to get it work. Let's say my site is www.mysite.com. Joomla is already performing some rewriting for… >>> More
mod-rewrite: Replacing some characters in a url

as seen on Server Fault - Search for 'Server Fault'
Is it possible to replace some forward slashes (/) of a URL to dots (.) in a RewriteRule? It doesn't have to be done exclusively with a RewriteRule, but definitely not with a script. Example 1: INPUT: /document/my/document.html OUTPUT: /document-my.document.html Example 2: INPUT: /document/depth/of/path/can/vary… >>> More
Mod rewrite for fake subdomains?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I really tried tons of methods but i'm not successful. I want a .Htaccess code to do the following : I want to rename this : http://www.mydomain.com/media -- http://media.mydomain.com So, By example instead of calling this : http://www.mydomain.com/media/XXX/picture.jpg i will call : http://media… >>> More
Using ModRewrite to get rid of extentions

as seen on Stack Overflow - Search for 'Stack Overflow'
I would like to get rid of all the file extensions on my site. Except when they are on the index i would like it to say nothing... change this foo.com/index.html to this foo.com/ and when the user goes to another page like foo.com/contact-us.html it will be foo.com/contact-us RewriteEngine On RewriteRule… >>> More