I need to set a variable in http header after authentication in httpd.conf. But the value is base 64 encoded. I need to decode it before setting it in the header for which I am trying to use unbase64 of apache httpd.
I have tried like below. But nothing helps.
RewriteRule .* - [E=NEW_VAL:%{unbase64:%{AUTHORIZE_VAL}}]
Header set user.sid "%{NEW_VAL}e"
Can please help me in understanding the usage of this or is there any way to decode the value?
Hope this helps someone. I have written a script for base 64 decoding and configured RewriteMap for that script. Then used that map for conversion in RewriteRule.
Reference : this
Related
I am able to see the file name in the URL in lower environments like SIT and UAT. But in Production environment, some junk value is replacing the file name. Any help will be great.
File name is replaced with some junk value this -> "bWFzdGVyfGltYWdlc3w4OTM1fGltYWdlL3BuZ3xpbWFnZXMvaDk4L2g4My84ODA0MTAxMDk1NDU0LnBuZ3xjMWY2OTZmOGQ5ZGM2MTIxMmQxMmUwODI5ZGQwYTg5YzNhMjIyYjQzMTJlMzc1MTU0ZmUyZWFjOGE5MjUyMGFj"
If you are asking about Media URL.
In hybris, SEO friendly URL call prettyURL. That can be enabled by setting media.legacy.prettyURL = true in the local.properties.
With prettyURL disabled, URL looks something like this
/medias/fileName.jpg?context=NAYDCL3IGAZC6ZTPN4XGU4DHHI5DU4LXMVZHI6JRGIZTINI.....
Above, context request paramater is base64 encoded media details.
With prettyURL enabled, URL looks something like this
/medias/sys_master/images/h98/h83/8804101095454/yourFileName.jpg
Now verify you have the same value for media.legacy.prettyURL in all environment. By default, prettyURL is disabled(media.legacy.prettyURL = false).
Refer LocalMediaWebURLStrategy class and help.hybris for more detail.
This is not junk value, it is base64 encoded text. It has unavailable characters for URL so system auto encode your value.
master|images|8935|image/png|images/h98/h83/8804101095454.png|c1f696f8d9dc61212d12e0829dd0a89c3a222b4312e375154fe2eac8a92520ac
I mirrored a site to local server with wget and the file names locally look like this:
comments
comments?id=123
Locally these are static files that show unique content.
But when I access second file in browser it keeps showing content from file comments and appends the query string to it ?id=123 so it is not showing content from file comments?id=123
It loads the correct file if I manually encode the ? TO %3F in browser window and I type:
comments%3Fid=123
Is there a way to fix this ? Maybe make apache stop treating ? as query separator and treat it as file name character ? Or make an URL rewrite and change ? into %3F ?
Edit: Indeed too many problems caused by ? in file name and requests. I ended up using the wget option --restrict-file-names=windows that would convert ? into an # when saving file name.
The short answer is "don't do that."
The longer answer is that ? is a reserved character in URLs, using it as a part of a filename is going to cause problems forever, and the recommended solution is to pick a different character to use in those filenames. There are many to choose from - just avoid ? & # and # and you'll probably be fine.
If you insist on keeping the file name (or if you don't have an option) try:
RewriteCond %{QUERY_STRING} (.*)
RewriteRule (.*) $1%%3F%1 [NE]
However, this is going to fire any time you have a query string, which is likely not what you want.
I want to try something like if in .htaccess:
I want to Redictes each ?sp=SOMEWHAT to diffrent ?p=NNN (some number)
I have a 100 ?sp= pages.
And I don't want to work on 100 Rules each page load.
If this another method to solve it, I happy to know.
if(RewriteCond %{HTTP_HOST ^?sp=}{
RewriteRule ^?sp=bar ?p=5
RewriteRule ^?sp=foo ?p=9
RewriteRule ^?sp=tin ?p=15
}
This is no logic between the ?sp= and ?p=
Update: I doesn't have access to server config.
This can be done with the RewriteMap directive (iff you have access to the server configuration, as pointed out in a comment. No idea why they thought that needed to be restricted...). For example:
RewriteMap sp_to_s txt:/path/to/map.txt
RewriteRule ^?sp=(.*) ?p=${sp_to_s:$1|0}
(the 0 is the default value if none of the pairs in the map match).
Here's a sample map.txt:
bar 5
foo 9
tin 15
There are more ways to use the map feature; see the documentation for mod_rewrite for details.
:)
I have one ridiculously silly question and most of you would like to reffer me to Google right away, but that didn't helped me out within the first hour. I suppose I didn't knew how to look for. I'm having a PHP file and I'd like to have it in base64 yet I can't get it to work anyhow.
1) I encoded my PHP script to base64(and included the PHP tags). It'll look as following : JTNDJTNGcGhwJTIwVGhpcyUyMGlzJTIwdGhlJTIwUEhQJTIwY29kZSUyMCUzRiUzRQ==
This kind of base64 won't execute so I added the PHP tags to it although the encoded file already had it. Still didn't worked out. Removed the tags from the base64 and tried again, but still didn't worked. Then I tried adding the PHP tags and inside of them added :
eval(gzinflate(base64_decode('base64 here')));
Still didn't worked out anyhow. Is anyone here kind enough to tell the kiddo how to run a base64 encoded PHP file properly?
Would be really appreaciated. :)
A simple code:
$source = "JTNDJTNGcGhwJTIwVGhpcyUyMGlzJTIwdGhlJTIwUEhQJTIwY29kZSUyMCUzRiUzRQ==";
$code = base64_decode($source);
eval($code);
or even shorter:
eval(base64_decode("JTNDJTNGcGhwJTIwVGhpcyUyMGlzJTIwdGhlJTIwUEhQJTIwY29kZSUyMCUzRiUzRQ=="));
Do you want to encrypt your code? If so, this is not the right way. Use a accelerator like this one or this one. They will crypt your codes and make them even faster!
If you are going to use base_64 to encode your php file then the encoded text need to seat in between the php tags including the base_64 tag.
Example:
If your code is:
JTNDJTNGcGhwJTIwVGhpcyUyMGlzJTIwdGhlJTIwUEhQJTIwY29kZSUyMCUzRiUzRQ
Then your code should look like:
<?php eval("?>".base64_decode("JTNDJTNGcGhwJTIwVGhpcyUyMGlzJTIwdGhlJTIwUEhQJTIwY29kZSUyMCUzRiUzRQ")); ?>
Basically your basic code will look like this:
<?php eval("?>".base64_decode("Code Goes here")); ?>
There are more simple tools that can give you this option
Check this out: PHP Encoder & Decoder with Domain Lock
I have a doubt with some of my URLs from my acces_log . There are some URLs from external sites linking me like http://domain.com/url_name.htm% (yes, with %).
Then... my server returns http error, I need to redirect this fake URLs to the correct way, and I thought in htaccess.
I only need to detect the % symbol in the last character of URL, and redirect without it.
http://domain.com/url_name.htm% --> http://domain.com/url_name.htm
How can I do this? I was trying with some samples with ? symbol but I didn't have lucky.
Thanks!
I already found the mistake...
It seems that some malformed URLs don't pass to vhost, then these petitions don't read the .htaccess.
The only way to solve this, is adding in httpd.conf the ErrorDocument 400 directive... Not is the best option for servers with different vhosts.. because all of the will have the same behaviour... but I think that is the only way for this case.
Quotation from Apache documentation:
Although most error messages can be overriden, there are certain circumstances where the >internal messages are used regardless of the setting of ErrorDocument. In particular, if a >malformed request is detected, normal request processing will be immediately halted and the >internal error message returned. This is necessary to guard against security problems >caused by bad requests.
Thanks anyway!!
This page is super helpful about the .htaccess rules.
http://www.helicontech.com/isapi_rewrite/doc/RewriteRule.htm
I saw a few solutions to this that use a small php script too. IE this one replaces #
.htaccess
RewriteRule old.php redirect.php? url=http://example.com/new.php|hash [R=301,QSA,L]
redirect.php
<?php
$new_url = str_replace("|", "#", $_GET['url']);
header("Location: ".$new_url, 301);
die;
?>