What does this this HTTP Authorization RewriteRule do?

74.6k Views Asked by The Surrican At 04 April 2025 at 14:30

I have an rewrite recursion error somewhere on my website that Google Bot caused, but I can't find the url that caused it because my Loglevel is low. I raised it but it has not happened again so far.

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

All Rewriterules look fine to me and have the [L] flag, except this one.

I can't quite understand it. It is from the open source shop system Magento.

As far as I can tell it does nothing but sets the environment variable E. But isn't that a very stupid way of doing that? Shouldn't you use SetEnv if that was the goal?

Original Q&A

There are 2 best solutions below

Wige On 09 February 2011 at 16:35 BEST ANSWER

This line is setting the environment variable to the value of user authentication string - essentially setting a variable rather than constant value. As far as I know, SetEnv and SetEnvIf only allow you to set an environment variable to a predetermined constant.

The variable being set is actually HTTP_AUTHORIZATION, not E. I would guess this is part of the user authentication process.

Etienne Marais On 07 November 2012 at 14:04

Symfony developers Group has a good answer for it. I quote:

it looks like your hosting is running php as a fcgi, not a php5_module, like your localhost does. ( phpinfo - Server API: CGI/FastCGI )

the point is that php5_module automatically handles HTTP_AUTHORIZATION headers, but fcgi_module does not.

solution is simple - add this line to your .htacces on your hosting server:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

It worked for me

What does this this HTTP Authorization RewriteRule do?

There are 2 best solutions below

Related Questions in .HTACCESS

Related Questions in MOD-REWRITE

Related Questions in URL-REWRITING

Related Questions in APACHE2

Related Questions in GOOGLEBOT

Trending Questions

Popular # Hahtags

Popular Questions