QSA = Query String Append.
This rule appends the GET query string which results from the ReWrite rule to the initial GET query string sent by the browser. For example, take the following RewriteRule:
RewriteRule ^/product/([0-9]*)/? /product.php?product_id=$1 [QSA]
This simply makes the product_id number look like a directory to the user. Now say that I have two different views of the page, view=short and view=long. For whatever reason, I don't want to make these views look like directories by using a RewriteRule. So I want to be able to do things like:
http://mysite.com/product/1351283/?view=short
Let's see how QSA works. With QSA, my final rewritten URL is
http://example.com/product.php?product_id=1351283&view=short
QSA has caused the RewriteEngine to append the existing query string (view=short) to the new query string (product_id=1351283). Without QSA, the existing query string is simply replaced by the new query string:
http://example.com/product.php?product_id=1351283
If you do much scripting with reliance on GET variables, it is virtually imperative that you enable the QSA flag on all of your RewriteRules. NOTE: I'm not sure how this works with PHP's session identifiers, which can be passed in the URL as a GET variable instead of a session cookie. This would probably be useful to know.