在Zend Framework(v1.12)应用程序中,我想强制调用一个特定的控制器(api)。
我设法重写了任何请求,以便无论请求是什么(例如。“http://example.com/foo/bar”或“http://example.com”),它都被重写为{{3使用以下Apache重写规则来...(例如。“http://example.com/api/”或“http://example.com/api/foo/bar”):
<VirtualHost *:80>
[...]
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/?api/?.* [NC]
RewriteCond %{REQUEST_URI} !^/index\.php$ [NC]
RewriteRule ^/?(.*)$ /api/$1 [R,L]
[...]
</VirtualHost>
RewriteLogs说:
/initial] (2) init rewrite engine with requested uri /api/
/initial] (3) applying pattern '^/?(.*)$' to uri '/api/'
/initial] (1) pass through /api/
/initial] (3) [perdir /var/www/example.com/public/] add path info postfix: /var/www/example.com/public/api -> /var/www/example.com/public/api/
/initial] (3) [perdir /var/www/example.com/public/] strip per-dir prefix: /var/www/example.com/public/api/ -> api/
/initial] (3) [perdir /var/www/example.com/public/] applying pattern '^.*$' to uri 'api/'
/initial] (3) [perdir /var/www/example.com/public/] add path info postfix: /var/www/example.com/public/api -> /var/www/example.com/public/api/
/initial] (3) [perdir /var/www/example.com/public/] strip per-dir prefix: /var/www/example.com/public/api/ -> api/
/initial] (3) [perdir /var/www/example.com/public/] applying pattern '^.*$' to uri 'api/'
/initial] (2) [perdir /var/www/example.com/public/] rewrite 'api/' -> 'index.php'
/initial] (3) [perdir /var/www/example.com/public/] add per-dir prefix: index.php -> /var/www/example.com/public/index.php
/initial] (2) [perdir /var/www/example.com/public/] strip document_root prefix: /var/www/example.com/public/index.php -> /index.php
/initial] (1) [perdir /var/www/example.com/public/] internal redirect with /index.php [INTERNAL REDIRECT]
/initial/redir#1] (2) init rewrite engine with requested uri /index.php
/initial/redir#1] (3) applying pattern '^/?(.*)$' to uri '/index.php'
/initial/redir#1] (1) pass through /index.php
但是这仍然允许用户通过http://example.com/api/访问应用程序的主页,我无法设法禁止这样做。
我试图阻止:
<VirtualHost *:80>
[...]
# Rewrite code from above
[...]
<Location /index.php>
Order Allow,Deny
Deny from all
</Location>
[...]
</VirtualHost>
但作为一个ZF应用程序,每个请求都必须传递给index.php(Bootstrap):标准的ZF重写规则将所有内容重写为index.php:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
因此我得到了一个“禁止 - 您无权访问此服务器上的/index.php”。对于每个请求。
我是否可以在用于重写请求时允许访问“index.php”并禁止直接访问它?
我确信这可以由ZF应用程序的路由器完成,但是希望避免更改应用程序的PHP源代码。
答案 0 :(得分:0)
使用ENV:REDIRECT_STATUS变量(请参阅mromaine的contribution至"Hidden features of mod_rewrite" community wiki我设法禁止直接访问index.php:
RewriteEngine On
# Force controller "api"
RewriteCond %{REQUEST_URI} !^/?api/?.* [NC]
RewriteCond %{REQUEST_URI} !^/index\.php$ [NC]
RewriteRule ^/?(.*)$ /api/$1 [R,L]
# Deny direct access to "index.php"
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule index\.php$ - [NC,F]
测试用例: