Re: [mod-security-users] Variable that holds scheme
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Variable that holds scheme
|
From: Ervin H. <ai...@gm...> - 2022-04-15 18:54:16
|
Hi there, On Fri, Apr 15, 2022 at 12:51:56PM -0500, Arlen Walker wrote: > Just a couple of thoughts: > > You could try looking for the request header for HSTS (Strict-Transport-Security). Won’t catch all browsers, but if you use it on your server it’ll catch most of them. (And why wouldn’t you use it?) > > Doesn’t REQUEST_URI_RAW work for this? I thought it gave the full URI as a text string. Arlen is right, REQUEST_URI_RAW seems contain the scheme too: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#REQUEST_URI_RAW a. |
