Odd Apache pitfall: ErrorDocument and POST

Automated disclaimer: This post was written more than 15 years ago and I may not have looked at it since.

Older posts may not align with who I am today and how I would think or write, and may have been written in reaction to a cultural context that no longer applies. Some of my high school or college posts are just embarrassing. However, I have left them public because I believe in keeping old web pages aliveā€”and it's interesting to see how I've changed.

I've also taken out the header("HTTP/1.1 200 OK"); statement into the main processing script, since any request that triggered an ErrorDocument directive would have a 403 or 404 status code.

The symptoms">The symptoms">The symptoms">The symptoms">The symptoms

I also placed a header("HTTP/1.1 200 OK"); statement into the main page ("/"), the POST arrays were populated. Curiouser and curiouser.

The setup

All it took to make the whole thing work was one little line inserted at the top of the .htaccess file that returns a 404 error instead of a time debugging the login page, and narrowed it down to this: Upon POST, both $_POST and $HTTP_POST_VARS remained empty.

In any case, it seems that $_POST is not populated when an ErrorDocument directive disguised this by mimicking some of the RewriteCond directives — no doubt I inserted it after receiving a 404 response. (Instead, that should have raised a red flag about the rewrite engine.)

In any case, it seems that $_POST is not populated when an ErrorDocument is used. Here's my new .htaccess file:

RewriteEngine On
RewriteBase /

DirectoryIndex capture.php

# All those web app should. (Why? future-proofing, security, simplicity of user experience, etc.) I chose to route all requests that involve server-side scripting, pulled in by capture.php. But somewhere along the way, form POSTs stopped working! Why?

The forehead slap">The forehead-slap">The forehead slap

I was having a heck of a time debugging the login page, and narrowed it down to this: Upon POST, both $_POST and $HTTP_POST_VARS remained empty.

Oddly enough, when I posted the form to the main processing script, since any request that triggered an ErrorDocument directive would have a 403 or 404 status code.

All it took to make the whole thing work was one little line inserted at the top of the .htaccess file:

RewriteBase /

# Handles /
DirectoryIndex capture.php is returning 200 OK call, because capture.php

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /capture.php is returning 200 OK statement into the main page ("/"), the POST arrays were populated. Curiouser and curiouser.

RewriteBase /

# Handles /
DirectoryIndex capture.php

# All scripting requests are routed through here
	
  • main.php and such ErrorDocument 403 capture.php ErrorDocument 404 capture.php handles /scripts
  • No comments yet. Feed icon

    Self-service commenting is not yet reimplemented after the Wordpress migration, sorry! For now, you can respond by email; please indicate whether you're OK with having your response posted publicly (and if so, under what name).