About the HeaderMatch and user.HeaderMatch documents
About the HeaderMatch document
The HeaderMatch document is used to configure Internet Services' handling of parts of the HTTP protocol for security or interoperability reasons.
 WarningWhile the HeaderMatch document can be customized by the administrator, we recommend you use the default HeaderMatch provided with the release unless directed by customer support or professional services to do otherwise. Changes to the HeaderMatch document can have serious effects on system security and the ability for users to connect to the system.
You can use the HeaderMatch document to:
• steer users of particular operating systems, browser types and versions, or languages to specific web sites or template sets on your site
• tailor HTTP error responses
• tailor MIME content to override the MIME Types file
• set Internet Services script variables
• add HeaderMatch SET variables
• customize the list of available forms in the dropdown menus of the Standard template set
• control which authentication mechanism Internet Services will enable
 NotesIf you have a default FirstClass site setup, you probably won't need to change the HeaderMatch document.
You can only have one HeaderMatch document per site, or per cluster on your site.
About the user.HeaderMatch document
The user.headermatch document is used by advanced-level administrators who customize their HeaderMatch documents and is not intended for everyone to use. In fact, if your HeaderMatch document has never been customized, you will have no reason to use this file.
During an upgrade, the HeaderMatch document is always replaced by the default HeaderMatch document, so any customizations to this file will be lost. user.HeaderMatch is intended to store administrator customizations so they will no longer be lost during an upgrade.
A blank user.HeaderMatch document is created during a new installation or upgrade if it doesn't already exist. It is stored in the same location as your current HeaderMatch document, and uses the same rules and syntax as the HeaderMatch document, as outlined further in this section.
HeaderMatch syntax
The HeaderMatch document is made up of comments and HeaderMatch commands, where:
# |
indicates a comment All lines that begin with the pound sign (#) are comments. All other lines are commands. |
[ ] |
indicate optional elements |
* |
indicates that a sequence may be repeated zero or more times |
+ |
indicates that a sequence must be repeated one or more times |
( ) |
may be used to help clarify optional or repeated sequences |
bold red |
indicates literals |
< > |
indicates a soft value, the syntax of which will either be defined later in the file or will be understood from the name. |
Note
You must place double quotes ("") around a string if it contains spaces or tabs.
HeaderMatch commands
HeaderMatch commands are in the form:
<scope>: [ IF <condition-statement> ] <action> [ AND <action> ]*
where
• <scope> defines which HTTP site(s) and/or plugin(s) the command applies to
• <condition-statement> defines a condition or conditions that must be true in order for the subsequent action(s) to be executed
• <action> defines the action(s) to be performed.
Scope
<scope> takes one of the following forms:
* |
indicates that this command affects all sites and plugins |
PLUGIN.* |
indicates that this command affects all plugins on all sites |
PLUGIN.<plugin> |
indicates that this command affects a specific plugin across all sites |
SITE.<alias>[.<language>] |
specifies one site that this command should operate on when no plugin is active (<alias> and <language> fields as specified on the Multiple Sites and Languages form) |
<alias>[.<language>] |
specifies one site that this command should operate on regardless of whether a plugin is active or not (<alias> and <language> fields as specified on the Multiple Sites and Languages form) |
Condition-statement
Use a condition-statement when you only want to execute a command under specific conditions (for example, if you have a template set that works with only one type of browser). The condition-statement takes the following form:
<condition-statement> := <condition> [ ( AND | OR ) <condition> ]*
where
<condition> := <secure-condition> | <method-condition> | <header-condition> | <cookie-condition> | <url-parameter-condition> | <autentication-condition> | <field-condition> | <variable-condition> | ( <condition-statement> )
Note
AND and OR have equal precedence and are evaluated in a strictly left to right manner.
Use parentheses to clarify the order of operations if necessary.
<secure-condition> := SECURE [ <comparator> ( 1 | 0 ) ] |
<comparator> is either == (equals) or != (does not equal) |
If no comparator is specified, the condition is treated as if it were "SECURE == 1", which evaluates to true if the current connection is secure (SSL encrypted), and false if not. |
<method-condition> := METHOD <comparator> <an http method> |
<comparator> is either == (equals) or != (does not equal) |
|
<header-condition> := [!] <HTTP header name> [<operator> <regular expression to be matched against the header's value>] |
<HTTP header name> is the name of the HTTP header to be tested, for example User-Agent or Referrer |
Do not include a trailing colon (:) in the header name. The request-uri can be matched using the pseudo header "url". |
|
<operator> is == (matches / contains) or != (does not match / contain) |
If the <operator> and <regular expression> parameters are missing, the test evaluates whether or not the specified HTTP header exists in the current request. If there is a leading exclamation point "!" it inverts the result of the test. |
|
<regular expression> is as used in the UNIX "grep" program, using ^$.[]+?* as meta characters |
<cookie-condition> := COOKIE [!] <cookie name> [<operator> <regular expression to be matched against the cookie's value>] |
<cookie name> is the name of the cookie to be tested |
If the <operator> and <regular expression> parameters are missing, the test evaluates whether or not the specified cookie exists. If there is a leading exclamation point "!" it inverts the result of the test. |
|
<operator> is == (contains) or != (does not contain) |
|
<regular expression> is as used in the UNIX "grep" program, using ^$.[]+?* as meta characters |
<url-parameter-condition> := URLPARAM [!] <URL parameter name> [<operator> <regular expression to be matched against the URL parameter's value>] |
<URL parameter name> is the name of the URL parameter to be tested |
If the <operator> and <regular expression> parameters are missing, the test evaluates whether or not the specified url parameter exists. If there is a leading exclamation point "!" it inverts the result of the test. |
|
<operator> is == (contains) or != (does not contain) |
|
<regular expression> is as used in the UNIX "grep" program, using ^$.[]+?* as meta characters |
<authentication-condition> := AUTH [ <comparator> ( 1 | 0 ) ] |
<comparator> is either == (equals) or != (does not equal) |
If no comparator is specified, the condition is treated as if it were "AUTH == 1", which evaluates to true if the user is authenticated, and false if not. |
<field-condition> := <prefbag> <field-id>[.<index>] <comparator> <value> |
<prefbag> is one of: SITEPREF is the .sitepref form, or the global site pref form is there is no appropriate .sitepref form USERPREF is the user's preferences form PREF will first try to locate the specified value in the user's preferences, then fall back to the site prefrences if the user has not specified a value for this field |
|
|
<field-id> is the field on the specified pref form |
|
|
<index> is the index of the field |
If <index> is not specified it is assumed to be zero. |
|
<comparator> is one of: == (equals) != (does not equal) < (less than) > (greater than) <= (less than or equal to) >= (greater than or equal to) |
|
|
<value> is the value to compare the variable to |
If it contains spaces or tabs, the value must be enclosed in double quotes. |
<variable-condition> := VAR <variable> <comparator> <value> |
<variable> is the name of an Internet Services Script variable previously defined in the headermatch file |
|
|
<comparator> is one of: == (equals) != (does not equal) < (less than) > (greater than) <= (less than or equal to) >= (greater than or equal to) |
|
|
<value> is the value to compare the variable to |
If it contains spaces or tabs, the value must be enclosed in double quotes. |
Action
<action> is the actual instruction to be executed. There are two types of actions:
• <set-action>s
• <var-action>s
Each of these action types is detailed in the following help documents.
| 
