Have Apache ignore GET variables

#1
[eluser]bapobap[/eluser]
Hi all,

I've got a facebook app setup and when facebook loads the page in the iframe it will load

http://domain.com/page/?ref=bookmarks&co...sig_in_ifr... etc

which causes an error as the ? is a disallowed character. Rather than just add the ? in the config file to allow it, I was wondering if there was an htaccess way of getting Apache to ignore the ? part and just load http://domain.com/page/

This way I can keep the CI config settings the same but allow the page to load properly.

Can anyone help? Thanks!

#2
[eluser]Twisted1919[/eluser]
The error is triggered by CI itself, so you don't need to work with apache here, rather than allowing that char in config.
Anyway, you will have enough headaches with this.

#3
[eluser]bapobap[/eluser]
[quote author="Twisted1919" date="1294377442"]The error is triggered by CI itself, so you don't need to work with apache here, rather than allowing that char in config.
Anyway, you will have enough headaches with this.[/quote]

In the config file it states only change it if you know what you are doing, are there any security or "code" risks of adding in the ? char? I want all the URL helpers to continue to work and I don't want the GET vars to be used in any way (though I know the days of global vars are gone)

#4
[eluser]Twisted1919[/eluser]
It is safe

#5
[eluser]jayrulez[/eluser]
[quote author="bapobap" date="1294377643"][quote author="Twisted1919" date="1294377442"]The error is triggered by CI itself, so you don't need to work with apache here, rather than allowing that char in config.
Anyway, you will have enough headaches with this.[/quote]

In the config file it states only change it if you know what you are doing, are there any security or "code" risks of adding in the ? char? I want all the URL helpers to continue to work and I don't want the GET vars to be used in any way (though I know the days of global vars are gone)[/quote]

I blame CI for this kind of thinking. $_GET is still as safe and as useful as it has always been. If you have such an issue with $_GET, then you should with $_POST and others.

What you should have an issue with is register globals where if you can "illegally" set variables.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.