We help IT Professionals succeed at work.

Mod Rewrite rules to remove session id

nstephens
nstephens asked
on
Medium Priority
3,407 Views
Last Modified: 2008-01-16
Hi everyone, I'm having a difficult time stripping out session id's from our urls.  We no longer generate session ID's in the url, however we have a lot of links out there with them still in the url.  We need to strip them for those people coming in so that google no longer hates us.

Here is a typical URL:  http://www.domain.com/home/contact_us.jsp;jsessionid=cThW1ZRbzXZ4

I need to rewrite that so that it goes instead to: http://www.domain.com/home/contact_us.jsp

And unfortunately, it is not for this single page, but rather for every page we host.. therefor we need a wildcard match for ANY page with sessionid to send them to the correct page.

We are using Apache 1.3.37 on Fedora.

Thanks!
Comment
Watch Question

Commented:
try :

RewriteEngine on
RewriteRule ^(.*);jsessionid=(.*)$    $1 [L]
Is that meant to be a semicolon? I thought query strings had to begin with a question mark? According to the definition of a URI, that is.

Author

Commented:
Yes it is meant to be a semilcolon.  It is how the resin java server works by default, I suppose.

Tol_cv, I have tried your rule in the following methods, but to no avail.  the page still comes up with the jsessionid shown.  My understanding is that [L] means "this is the last rule", so I tried it a few different ways, as shown below:

        RewriteEngine on
        RewriteRule ^(.*);jsessionid=(.*)$ $1 [L]
        RewriteOptions inherit

        RewriteEngine on
        RewriteRule ^(.*);jsessionid=(.*)$ $1 [L,PT]
        RewriteOptions inherit

        RewriteEngine on
        RewriteRule ^(.*);jsessionid=(.*)$ $1 [PT]
        RewriteOptions inherit
Top Expert 2008

Commented:
> the page still comes up with the jsessionid shown

Your rule will rewrite an incomming request of foo;jsessionid=bar to foo, but this will not change the browser's address bar. You must use the R flag In order to change it, and provide an URL-path in the substitution (in directory context your $1 subst. would result in an local filepath without the RewriteBase directive)

The PT flag is only relevant in per-server context (httpd.conf, outside of <directory> sections) for internal rewriting, but anyway I don't know where (=in which context) you're using the rules.

RewriteEngine on
# we do not expect an other ';' in the pattern
RewriteRule ^/([^;]+);jsessionid /$1 [R=301,L]

in order to get this working in directory context (e.g. .htaccess files), remove the leading slash in the rule-pattern (->  ^([^;]+);jsessionid  )

Author

Commented:
I attempted your suggestion, but it also failed to work.. my httpd.conf entry looks like such:

        RewriteEngine on
        RewriteRule ^/([^;]+);jsessionid /$1 [R=301,L]
        RewriteOptions inherit

Perhaps this is because the url looks like http://www.domain.com/home/contact_us.jsp;jsessionid=cThW1ZRbzXZ4 (with =[characters]) ?

I don't suppose theres any good log functionality that allows you to see how/when rewrite rules are being used?
Top Expert 2008
Commented:
That should match. It doesn't matter what comes right to jsessionid, because the RegEx is left open to the right side and would match anything.

You can track the rewriting process with a RewriteLog, using the directives rewriteLog and RewriteLoglevel, e.g.

Rewritelog logs/rewrite.txt
Rewriteloglevel 5

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.