Help - Search - Members - Calendar
Full Version: Web host uses URL rewriting by default
HTMLHelp Forums > Programming > Web Server Configuration
Christian J
A web host's Apache server uses some kind of URL rewriting, so that you can access a file like

CODE
foo.html

with just the URL

CODE
/foo

Is this a good idea? Can or should I try to remove it? It's not done in any .htaccess file that I can see, so I guess it's in some Apache .conf file. A quick web search just turns up pages on how to enable this, not how to disable it. unsure.gif
pandy
if it's a good idea for you to have I don't know. i think it's a bad idea for a web host to force anything on all users, more than essential things like file types. couldn't you just ask them to exclude you if you want to get rid of it?
Christian J
QUOTE(pandy @ Nov 5 2015, 07:46 AM) *

if it's a good idea for you to have I don't know.

Me neither. I wouldn't link to such URLs on purpose. Could there be any potential security implications, like XSS vulnerabilities?

QUOTE
i think it's a bad idea for a web host to force anything on all users

Actually I had no idea they were doing it, until I found out by mistake.

QUOTE
couldn't you just ask them to exclude you if you want to get rid of it?

Yes but first I must decide what I want. blink.gif

Darin McGrew
Well, TBL advocates for leaving off the filename extension (as well as other things): Cool URIs don't change
Christian J
QUOTE(Darin McGrew @ Nov 5 2015, 06:38 PM) *

Well, TBL advocates for leaving off the filename extension (as well as other things): Cool URIs don't change

Some good points about future-proofing. However, I still use .html extensions even when pages are generated by server-side scripts. I guess I could still use those .html extensions even if I stopped using HTML in the distant future.

Also this part sounds dangerous:

QUOTE
You keep the file extension (such as .png) on the file (e.g. mydog.png), but refer to the web resource without it. Apache then checks the directory for all files with that name and any extension, and it can also pick the best one out of a set (e.g. GIF and PNG).

According to my quick test, my Apache server picked a directory (redirecting "foo" to "foo/"). If that directory did not exist, an HTML file was picked.

When I deleted the directory "foo/", Apache still redirected the URL "foo" to "foo/", where it displayed the HTML file as if it was the directory index file. But if I create a new HTML file "bar.html", the URL "bar" does not redirect to "bar/". Maybe some kind of URL caching is going on there?
pandy
QUOTE(Christian J @ Nov 5 2015, 07:25 PM) *

Also this part sounds dangerous:

QUOTE
You keep the file extension (such as .png) on the file (e.g. mydog.png), but refer to the web resource without it. Apache then checks the directory for all files with that name and any extension, and it can also pick the best one out of a set (e.g. GIF and PNG).

According to my quick test, my Apache server picked a directory (redirecting "foo" to "foo/"). If that directory did not exist, an HTML file was picked.

When I deleted the directory "foo/", Apache still redirected the URL "foo" to "foo/", where it displayed the HTML file as if it was the directory index file. But if I create a new HTML file "bar.html", the URL "bar" does not redirect to "bar/". Maybe some kind of URL caching is going on there?



Don't know. This is one of the reasons I don't use this. Too many things too keep track of. I suspect I would also need to abandon the way I rename backup files. I sometimes just change the case. Like index.HTML for the first backup and INDEX.HTML for the next if I want to keep two. They sort right with FTP and it makes them stand out, but I don't know if it would be safe.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2018 Invision Power Services, Inc.