dsy19890123
dsy19890123
2014-07-13 14:15

如何在.htaccess文件中设置一些PHP标头

已采纳

So I have these headers in some of my PHP files:

<?php
    header('Content-Type: text/html; charset=UTF-8');
    header('Content-Style-Type: text/css');
    header('Content-Script-Type: application/javascript');
    header('HTTP/1.1 200 OK');
    header('Content-language: en-US');
    header('X-Powered-By: PHP/5.2.17');
    header('Last-Modified: Tue, 01 Jan 2013 00:00:00 GMT');
    header('Cache-Control: no-store, no-cache, max-age=0, must-revalidate');
    header('Pragma: no-store, no-cache, max-age=0, must-revalidate');
    header('Expires: Tue, 01 Jan 2013 00:00:00 GMT');
?>

How do I set them in my .htaccess file? (Should be for specific files only), here's what I got so far:

<FilesMatch "^(index.php|about.php|contact.php)$">
    # HTTP Headers should be set in here
</FilesMatch>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • douyue1926 douyue1926 7年前

    You need to have mod_headers installed, or you might get error 500. You can wrap the setting of headers in a condition to check if mod_headers is present or not.

    <FilesMatch "\.(html|htm|js|css)$">
        <ifModule mod_headers.c>
            Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
            Header set Expires "Thu, 1 Jan 2015 05:00:00 GMT"
        </ifModule>
    </FilesMatch>
    

    You can also unset headers. For example, if you're behind a load balacer the real visitor IP could be passed in form of a custom header you don't want to expose to the application.

    Header unset Real-Visitor-IP
    

    Besides expiration and etags, and webserver specific custom headers, you shouldn't tamper with headers at webserver level. Most of them should be managed at the application level, and you would prevent some frameworks from working normally if you pass them altered content types.

    点赞 评论 复制链接分享

相关推荐