I have sites which I’m adding SSL for latest compliance, these have protected admin folders, the global root redirect
#redirect to ssl site
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
causes visitors using a old http: link to admin to reach 404 page as the redirect happens to early.
Iv’e fixed this for firefox by adding a stop rule prior to the global
# stop processing for admin
RewriteRule ^(admin)($|/) - [L]
and a specific redirect
RewriteCond %{HTTPS} off
RewriteRule ^admin/(.*)$ https://www.mysite.co.uk/admin/$1?%{QUERY_STRING} [NE,r=301,L]
however in chrome the directory stop fails and the specific redirect ignored, so chrome visitors get a 404 instead of being redirected.
I have tried multiple additions to the global but none work
#redirect to ssl site
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^admin(.*) [NC]
RewriteCond %{REQUEST_URI} !(.*)admin(.*) [NC]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/].*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
Why is firefox and chrome behaving differently, I thought it was apache doing the processing, how do I make chrome behave like firefox?
2
Answers
Having posted this and despite having searched extensively another post came up and the final answer on that fixed the issue, so the solution has two parts, in the root I added:
Then in the admin folder:
However I still don't understand why chrome is behaving differently to firefox for this.
I doubt that Firefox behaves differently from Chrome. It is more likely that there is a cached redirect in Chrome which causes it to visit a former redirect target directly without visiting the original URL. This happens if a 301 redirect is used instead of a 302 one since 301 means permanent redirect and the browser will remember this one.
To get rid of this problem you need to clear the browsers cache so that it no longer remembers and uses the no longer valid redirect.