[deployment-guide/comm-rel: 611/727] Updated the SetEnvIf directive description.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 13:16:59 UTC 2010
commit fe27ae00cc27e5413d7f914da5e4482ad5627a82
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Tue Sep 7 15:46:04 2010 +0200
Updated the SetEnvIf directive description.
en-US/The_Apache_HTTP_Server.xml | 115 ++++++++++++++++++++++++++++++--------
1 files changed, 92 insertions(+), 23 deletions(-)
---
diff --git a/en-US/The_Apache_HTTP_Server.xml b/en-US/The_Apache_HTTP_Server.xml
index 627914c..a5bc227 100644
--- a/en-US/The_Apache_HTTP_Server.xml
+++ b/en-US/The_Apache_HTTP_Server.xml
@@ -2580,7 +2580,7 @@ ErrorDocument 404 /404-not_found.html</screen>
<screen>~]# <command>chmod a+x /home/<replaceable>username</replaceable>/</command>
~]# <command>chmod a+rx /home/<replaceable>username</replaceable>/public_html/</command></screen>
<para>
- All files in the above directory must be set acordingly.
+ All files in this directory must be set acordingly.
</para>
</note>
<example id="example-apache-httpdconf-userdir">
@@ -2602,29 +2602,98 @@ ErrorDocument 404 /404-not_found.html</screen>
<section id="s2-apache-sslconf-common">
<title>Common <filename>ssl.conf</filename> Directives</title>
<para>
- The directives in <filename>/etc/httpd/conf.d/ssl.conf</filename> file can be configured to enable secure Web communications using SSL and TLS.
+ The following directives are commonly used in <filename>/etc/httpd/conf.d/ssl.conf</filename>:
</para>
- <formalpara id="s3-apache-setenvif">
- <title>SetEnvIf</title>
- <para>
- <command>SetEnvIf</command> sets environment variables based on the headers of incoming connections. It is <emphasis>not</emphasis> solely an SSL directive, though it is present in the supplied <filename>/etc/httpd/conf.d/ssl.conf</filename> file. It's purpose in this context is to disable HTTP keepalive and to allow SSL to close the connection without a closing notification from the client browser. This setting is necessary for certain browsers that do not reliably shut down the SSL connection.
- </para>
- </formalpara>
- <para>
- For more information on other directives within the SSL configuration file, refer to the following URLs:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- http://localhost/manual/mod/mod_ssl.html
- </para>
- </listitem>
- <listitem>
- <para>
- <ulink url="http://httpd.apache.org/docs/2.2/mod/mod_ssl.html" />
- </para>
- </listitem>
- </itemizedlist>
+ <variablelist>
+ <varlistentry>
+ <term><option>SetEnvIf</option></term>
+ <listitem>
+ <para>
+ The <option>SetEnvIf</option> directive allows you to set environment variables based on the headers of incoming connections. It takes the following form:
+ </para>
+ <screen>SetEnvIf <replaceable>option</replaceable> <replaceable>pattern</replaceable> <optional>!</optional><replaceable>variable</replaceable><optional>=<replaceable>value</replaceable></optional>…</screen>
+ <para>
+ The <replaceable>option</replaceable> can be either a HTTP header field, a previously defined environment variable name, or a valid keyword as described in <xref linkend="table-apache-sslconf-setenvif" />. The <replaceable>pattern</replaceable> is a regular expression. The <replaceable>variable</replaceable> is an environment variable that is set when the option matches the pattern. If the optional exclamation mark (that is, <literal>!</literal>) is present, the variable is removed instead of being set.
+ </para>
+ <table id="table-apache-sslconf-setenvif">
+ <title>Available <option>SetEnvIf</option> options</title>
+ <tgroup cols="2">
+ <colspec colname="option" colnum="1" colwidth="20*" />
+ <colspec colname="description" colnum="2" colwidth="60*" />
+ <thead>
+ <row>
+ <entry>
+ Option
+ </entry>
+ <entry>
+ Description
+ </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>
+ <option>Remote_Host</option>
+ </entry>
+ <entry>
+ Refers to the client's hostname.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>Remote_Addr</option>
+ </entry>
+ <entry>
+ Refers to the client's IP address.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>Server_Addr</option>
+ </entry>
+ <entry>
+ Refers to the server's IP address.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>Request_Method</option>
+ </entry>
+ <entry>
+ Refers to the request method (for example, <literal>GET</literal>).
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>Request_Protocol</option>
+ </entry>
+ <entry>
+ Refers to the protocol name and version (for example, <literal>HTTP/1.1</literal>).
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>Request_URI</option>
+ </entry>
+ <entry>
+ Refers to the requested resource.
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ <para>
+ The <option>SetEnvIf</option> directive is used to disable HTTP keepalives, and to allow SSL to close the connection without a closing notification from the client browser. This is necessary for certain web browsers that do not reliably shut down the SSL connection.
+ </para>
+ <example id="example-apache-sslconf-setenvif">
+ <title>Using the <option>SetEnvIf</option> directive</title>
+ <screen>SetEnvIf User-Agent ".*MSIE.*" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0</screen>
+ </example>
+ </listitem>
+ </varlistentry>
+ </variablelist>
<note>
<title>Note</title>
<para>
More information about the docs-commits
mailing list