Geek Answers Handbook

Why is this FilesMatch file not matching correctly?

We tried to configure our server so as not to cache our .htm files, because it causes several problems with our analytics package and also does not display pages correctly if a visitor accesses the "Back" button in his browser.

We tried to solve this problem by adding:

<FilesMatch "\.(htm)$"> Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT" Header set Warning "Testing" </FilesMatch>

to our httd file, but it doesn’t seem to be running, however, when we move the Header set outside of FileMatch, it looks fine ..

Anyone have any ideas that we're wrong?

+7
source share
2 answers

Recently, I needed to find out the same problem and, although this post pointed me in the right direction, I wanted to share some clarifying information for edifying those who are looking for this topic in the future.

David, your original FilesMatch did not work, because FilesMatch only works with real physical files that exist on your file system. http://httpd.apache.org/docs/current/sections.html claims this as:

Directives Directory and files , together with their regular expression equivalents, apply directives to parts of the file system .

This is why your second post using LocationMatch solved the problem. Also from http://httpd.apache.org/docs/current/sections.html it says:

The Location directive and its regular expression equivalent , on the other hand, will change the configuration of content in web space . The <SNIP> directive should have nothing to do with the file system. For example, the following example shows how to map a specific URL to the internal Apache HTTP server handler provided by mod_status. No file called server status should exist in the file system.

 <Location /server-status> SetHandler server-status </Location>

Apache docs generalizes this behavior with the following statement:

Use Location to apply directives to content that is outside the file system. For content that resides on the file system, use Directory and Files. The exception is <Location>, which is a simple way to apply the configuration to the entire server.

For those who want to understand more mechanics, this is how I understand the insides:

  • Complies with location directives based on an HTTP URI request (e.g. example.com/ this / is / a / uri.htm without the example.com part).
  • The Directory and Files directives, on the other hand, are the same based on whether there is a directory path or a file in the DocumentRoot file system that matches the corresponding part of the HTTP request URI

Apache docs generalizes this behavior as:

What to use when

The choice between file system containers and web space containers is actually quite simple. When applying directives to objects that reside on the file system, always use Directory or Files . When applying directives to objects that are not in the file system (for example, a web page created from a database), use "Location" .

[IMPORTANT!] It is important to never use Location when trying to restrict access to objects in the file system. This is because many web space locations (URLs) can map to the same file system location, which circumvents restrictions.

+10
source

This issue has now been resolved.

To make it work, we changed from using FilesMatch to LocationMatch , and now the headers are set perfectly.

We believe this is because the page is redirected from the JSP page to the HTML page.

 <LocationMatch "\.(htm|html)$"> Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT" Header set Warning "Testing" </LocationMatch>

Hope others find this helpful.

+8
source

More articles:


All Articles