Rewrite variables

A rewrite variable is an object that stores a dynamic value like a entry path of an request or a session id. Rewrite variables are represented as strings in the format %<variable name>% or %<variable name>[argument]%. They are, for example, useful to define generic rewrite rules that are independent of the selected mapping, virtual host, or back-end group.

Rewrite variables are available in the following areas. For variable specific exceptions see table list of rewrite variables.

Pattern and substitution fields in:

  • Request Actions
  • Response Actions
  • URL Encryption
  • CSRF Tokens
  • Deny Rules
  • Allow Rules

Redirect locations fields:

  • Denied access URL
  • URL Encryption - Invalid URL redirect location
  • CSRF Tokens - Invalid token redirect location
List of rewrite variables
Variable name
Description
Not available in
%ENTRYPROTOCOL%
current request protocol from the client, http or https
Redirect locations
%ENTRYHOST%
entry host of the current mapping, without port
Redirect locations
%ENTRYPORT%
entry host port number of the current mapping
Redirect locations
%ENTRYDIR%
entry path of the current mapping trimmed of trailing slashes, empty for root entry path
Mapping with regex entry path
%ENTRYPATH%
same as %ENTRYDIR% but also trimmed of leading slashes
Mapping with regex entry path
%BACKENDDIR%
back-end path of the current mapping trimmed of trailing slashes, empty for root back-end path
Mapping with regex entry path
%BACKENDPATH%
same as %BACKENDDIR% but also trimmed of leading slashes
Mapping with regex entry path
%ENTRYDIR[<mapping>]%
same as %ENTRYDIR% of mapping with name "<mapping>" *
%ENTRYPATH[<mapping>]%
same as %ENTRYPATH% of mapping with name "<mapping>" *
%BACKENDDIR[<mapping>]%
same as %BACKENDDIR% of mapping with name "<mapping>" *
%BACKENDPATH[<mapping>]%
same as %BACKENDPATH% of mapping with name "<mapping>" *
%BACKENDPROTOCOL%
back-end protocol, http or https
Redirect locations
%BACKENDHOSTNAME%
back-end host for this request, dynamically set based on current load balancing back-end host, without port
Redirect locations
%BACKENDPORT%
port number of back-end host - see above
Redirect locations
%BACKENDHOST%
combined value of back-end host and port; omitting default ports: 80, 443
Redirect locations
%VHCOOKIEDOMAIN%
the cookie domain configured in the virtual host
Redirect locations
%REQUESTID%
current request id
Patterns,
Redirect locations
%SESSIONID%
current session id; "<n/a>" if no session is available
Patterns,
Redirect locations
%SESSIONTIMINGINFO%
In seconds:
{remaining session idle timeout}:{remaining session lifetime}
Patterns,
Redirect locations
%AUDITTOKEN%
current audit token
Patterns,
Redirect locations
%REMOTEADDR%
current IP address of client
Patterns,
Redirect locations
%ROLES%
In seconds:
{role1 name}:{remaining role1 idle timeout}:{remaining role1 lifetime},{role2 name}:{remaining role2 idle timeout}:{remaining role2 lifetime},...
Patterns,
Redirect locations
%ENTRYADDR%
IP address of current entry host
Patterns,
Redirect locations

* The referenced mapping must not use a regular expression as entry path.

Example

Incoming URL:
https://example.com/webmail/inbox/index.html

Configured value
 
Variable value
Entry protocol is: https
%ENTRYPROTOCOL%: https
Entry host is: example.com
%ENTRYHOST%: example.com
Entry host port is: 443
%ENTRYPORT%: 443
Entry path is: /webmail/inbox/
%ENTRYDIR%: /webmail/inbox
 
%ENTRYPATH%: webmail/inbox
Back-end protocol is: http
%BACKENDPROTOCOL%: http
Back-end host name is: mserv.net.local
%BACKENDHOSTNAME%: mserv.net.local
Back-end host port is: 8080
%BACKENDPORT%: 8080
 
%BACKENDHOST%: mserv.net.local:8080
Back-end path is: /mailapplication/inbox/
%BACKENDDIR%: /mailapplication/inbox
 
%BACKENDPATH%: mailapplication/inbox
Incoming URL
https://example.com/webmail/inbox/index.html
Rewrite from
%ENTRYPROTOCOL%://%ENTRYHOST%%ENTRYDIR%(/.*)?
Rewrite to
%BACKENDPROTOCOL%://%BACKENDHOST%%BACKENDDIR%$1
Back-end URL results in
http://mserv.net.local:8080/mailapplication/inbox/index.html
Literal mode

All variables are treated as literal values - characters do not have any special regular expression significance. This means, that the variable value 'www.example.com' just matches www.example.com and not www-example/com nor wwwXexampleYcom.

Technically this is achieved by internally surrounding all variables by an extra \Q .. \E span.