Each rule set below works fine when used alone. However, when used together, the rules' behavior changes.

When rule set # 2 is used by itself, a request for https://internal/Security/login is rewritten by Apache to sapphire/main.php without the browser's knowledge. This is the expected behavior.

When both rule sets are used together, a request for the previously mentioned URL results in Apache sending a 301 redirect to http://internal/sapphire/main.php?url=Security/login.

Why does Apache send this redirect instead of doing an internal rewrite?

# Rule Set # 1
# - Forces all HTTPS requests to HTTP, except for security section requests.
#   Example: request for https://internal/abc/ 
#   -> redirected to http://internal/abc/
RewriteCond %{SERVER_PORT} =443
RewriteCond %{REQUEST_URI} !^/Security($|/.*$)
RewriteRule (.*) http://internal/$1 [R=301,L]

# Rule Set # 2
# - Hands request to CMS - web user does not see this behind-the-scenes rewrite
RewriteRule (.*) sapphire/main.php?url=$1&%{QUERY_STRING} [L]
+1  A: 

The L flag causes a reinjection of the already rewritten URL. So try to analyze the original requested URL instead:

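RewriteCond %{SERVER_PORT} =443
# THE_REQUEST is the browser's original request line and is not changed by rewrites.
# The leading "!" keeps the exemption for /Security, as in rule set # 1.
RewriteCond %{THE_REQUEST} !^[A-Z]+\ /Security[/?\ ]
RewriteRule (.*) http://internal/$1 [R=301,L]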
Gumbo
Thanks, Gumbo. Your answer gave me the clue I needed to solve this problem. I added this line to rule set #1: RewriteCond %{REQUEST_URI} !^/sapphire/main.php$
Ben Gribaudo
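
The thread above, traced as an added example that is not part of the original question or answer: a simplified Python model of per-directory rule processing, in which an internal rewrite is reinjected and the rule list runs again. It assumes the rules run in per-directory context; `handle`, `redirect_fires` and the three variant names are hypothetical labels for the asker's original rules, the `THE_REQUEST` condition (negated so that /Security stays exempt) and the asker's extra `REQUEST_URI` condition.

```python
import re

def redirect_fires(uri, the_request, port, variant):
    """Rule set #1: True when the HTTPS -> HTTP 301 would be sent."""
    if port != 443:
        return False
    if variant == "original":        # tests the current, possibly rewritten, path
        return not re.search(r"^/Security($|/.*$)", uri)
    if variant == "the_request":     # tests the browser's request line, negated
        return not re.search(r"^[A-Z]+ /Security[/? ]", the_request)
    if variant == "exclude_target":  # original test plus the asker's extra condition
        return (not re.search(r"^/Security($|/.*$)", uri)
                and not re.search(r"^/sapphire/main.php$", uri))
    raise ValueError(variant)

def handle(path, port, variant, method="GET"):
    """Simplified model: after an internal rewrite the new path is
    reinjected and the whole rule list is evaluated again."""
    the_request = f"{method} {path} HTTP/1.1"  # fixed for the whole request
    uri, query = path, ""
    for _ in range(5):
        qs = f"?{query}" if query else ""
        if redirect_fires(uri, the_request, port, variant):
            return ("301", f"http://internal{uri}{qs}")
        if uri == "/sapphire/main.php":
            return ("internal", f"{uri}{qs}")  # path unchanged: processing stops
        # Rule set #2: hand the request to the CMS, then reinject
        query, uri = f"url={uri.lstrip('/')}", "/sapphire/main.php"
    raise RuntimeError("rewrite loop")

if __name__ == "__main__":
    # Constructed requests: the login URL from the question over HTTPS
    for variant in ("original", "the_request", "exclude_target"):
        print(variant, handle("/Security/login", 443, variant))
```

With the original rules the second pass sees /sapphire/main.php on port 443, so the login request is sent to plain HTTP; both fixes keep it as an internal rewrite while still redirecting other HTTPS paths.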