I was given a VM at my company to install web software on. But I came across a rather bizarre issue where PHP variables would be overwritten (rewritten) by the server if they matched a specific pattern. What could rewrite PHP variables like this?
The following is as an entire standalone script.
<?php
$foo = 'b.domain.com';
echo $foo; // 'dev01.sandbox.b.domain.com'
$bar = 'dev01.sandbox.domain.com';
echo $bar; // 'dev01.sandbox.sandbox.domain.com'
$var = 'b.domainfoo.com';
echo $var; // 'b.domainfoo.com' (not overwritten because it didn't match whatever RegEx has been set)
?>
Essentially any variable which contains a subdomain and matches on the domain name would be rewritten. This isn't something mod_rewrite would be able to touch, so it has to be something at the server level that is parsing out PHP and rewriting a string if it matches a RegEx.
Source: Tips4all
Output overwriting is possible within Apache by using mod_perl: PerlOutputFilterHandler.
ReplyDeleteThe following could be added to an apache.conf to set the output filter:
<FilesMatch "\.(html?|php|xml|css)$">
PerlSetVar Filter On
PerlHandler MyApache2::FilterDomain
PerlOutputFilterHandler MyApache2::FilterDomain
</FilesMatch>
Example filter handler code:
#file:MyApache2/FilterDomain.pm
#--------------------------------
package MyApache2::FilterDomain;
use strict;
use warnings;
use Apache2::Filter();
use Apache2::RequestRec();
use APR::Table();
use Apache2::Const -compile => qw(OK);
use constant BUFF_LEN => 1024;
sub handler {
my $f = shift;
my @hostname = split(/\./, $f->r->hostname);
my $new_hostname = $hostname[0].".".$hostname[1];
unless ($f->ctx) {
$f->r->headers_out->unset('Content-Length');
$f->ctx(1);
}
while ($f->read(my $buffer, BUFF_LEN)) {
$buffer =~ s/([a-z0-9]+)+\.domain\./$new_hostname\.$1.domain\./g;
$f->print($buffer);
}
return Apache2::Const::OK;
}
1;
More on Apache mod_perl filters can be found here: mod_perl: Input and Output Filters