httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50851] mod_proxy_fcgi does not comply with RFC 3875 (CGI 1.1)
Date Thu, 03 Mar 2011 20:50:19 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50851

--- Comment #5 from Mark Montague <mark@catseye.org> 2011-03-03 15:50:15 EST ---

Thanks for the reply, Jim!  I had indeed overlooked and failed to investigate
the ProxyPass nocanon option, so your question was helpful.  The short answer
is: "the requirements of RFC 3875 are still not met".  Here is the long version
of the answer:

Without the patch applied (stock httpd 2.3.10), and with nocanon set:

ProxyPass /test/ fcgi://127.0.0.1:9000/www/php-ssl/ nocanon

the following changes to the environment variables happen compared to the same
situation without nocanon set (changes are in a unified diff like format):

-SCRIPT_FILENAME=proxy:fcgi://127.0.0.1:9000/www/php-ssl/hello.php/some/info
+SCRIPT_FILENAME=proxy:fcgi://127.0.0.1:9000/www/php-ssl/hello.php/some/info?foo=bar&rod=moby
-SCRIPT_NAME=/test
+SCRIPT_NAME=/test/hello.php/some/info
-PATH_INFO=/www/php-ssl/hello.php/some/info
+PATH_INFO=/www/php-ssl/hello.php/some/info?foo=bar&rod=moby
-PATH_TRANSLATED=/www/html-ssl/www/php-ssl/hello.php/some/info
+PATH_TRANSLATED=/www/html-ssl/www/php-ssl/hello.php/some/info?foo=bar&rod=moby

Applying these changes to the script-URI formula in RFC 3875 gives:

https://f14dev1.catseye.org:443/test/hello.php/some/info/www/php-ssl/hello.php/some/info?foo=bar&rod=moby?foo=bar&rod=moby

This result is better in some ways and worse in other ways than when the
"nocanon" option is omitted, but it still fails to meet the requirement of the
RFC in that if that URL were requested, the script would execute with a
different value of PATH_INFO.

Also, despite these changes, the php-fpm status and ping pages still fail to
work.  Let me know if you'd like information about what php-fpm is doing
internally with the environment variables in the non-working (stock httpd)
versus working (patched httpd) cases; for the sake of this bug report, I've
been only including information about RFC 3875 compliance issues.

Here is the complete set of environment variables that result with stock httpd
2.3.10 and the ProxyPass nocanon option set:

HTTPS=on
SSL_TLS_SNI=f14dev1.catseye.org
HTTP_HOST=f14dev1.catseye.org
HTTP_USER_AGENT=Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;
rv:1.9.2.
14) Gecko/20110218 Firefox/3.6.14
HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.7,ja;q=0.3
HTTP_ACCEPT_ENCODING=gzip,deflate
HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_KEEP_ALIVE=115
HTTP_CONNECTION=keep-alive
PATH=/sbin:/usr/sbin:/bin:/usr/bin
SERVER_SIGNATURE=<address>Apache/2.3.10 (Fedora) Server at <a
href="mailto:webma
ster@catseye.org">f14dev1.catseye.org</a> Port 443</address>#012
SERVER_SOFTWARE=Apache/2.3.10 (Fedora)
SERVER_NAME=f14dev1.catseye.org
SERVER_ADDR=172.16.168.128
SERVER_PORT=443
REMOTE_ADDR=172.16.168.1
DOCUMENT_ROOT=/www/html-ssl
SERVER_ADMIN=webmaster@catseye.org
SCRIPT_FILENAME=proxy:fcgi://127.0.0.1:9000/www/php-ssl/hello.php/some/info?foo=
bar&rod=moby
REMOTE_PORT=51108
GATEWAY_INTERFACE=CGI/1.1
SERVER_PROTOCOL=HTTP/1.1
REQUEST_METHOD=GET
QUERY_STRING=foo=bar&rod=moby
REQUEST_URI=/test/hello.php/some/info?foo=bar&rod=moby
SCRIPT_NAME=/test/hello.php/some/info
PATH_INFO=/www/php-ssl/hello.php/some/info?foo=bar&rod=moby
PATH_TRANSLATED=/www/html-ssl/www/php-ssl/hello.php/some/info?foo=bar&rod=moby


I also tested with my patch applied together with the ProxyPass nocanon option
turned on.  In this case, the requirements of the RFC are met and the php-fpm
status (and presumably ping) page works.  Here is the complete set of
environment variables with the patch and nocanon option specified (turning
nocanon on and off when the patch is applied affects only whether
SCRIPT_FILENAME includes the query string):

HTTPS=on
SSL_TLS_SNI=f14dev1.catseye.org
HTTP_HOST=f14dev1.catseye.org
HTTP_USER_AGENT=Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;
rv:1.9.2.
14) Gecko/20110218 Firefox/3.6.14
HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.7,ja;q=0.3
HTTP_ACCEPT_ENCODING=gzip,deflate
HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_KEEP_ALIVE=115
HTTP_CONNECTION=keep-alive
PATH=/sbin:/usr/sbin:/bin:/usr/bin
SERVER_SIGNATURE=<address>Apache/2.3.10 (Fedora) Server at <a
href="mailto:webma
ster@catseye.org">f14dev1.catseye.org</a> Port 443</address>#012
SERVER_SOFTWARE=Apache/2.3.10 (Fedora)
SERVER_NAME=f14dev1.catseye.org
SERVER_ADDR=172.16.168.128
SERVER_PORT=443
REMOTE_ADDR=172.16.168.1
DOCUMENT_ROOT=/www/html-ssl
SERVER_ADMIN=webmaster@catseye.org
SCRIPT_FILENAME=proxy:fcgi://127.0.0.1:9000/www/php-ssl/hello.php/some/info?foo=
bar&rod=moby
REMOTE_PORT=51184
GATEWAY_INTERFACE=CGI/1.1
SERVER_PROTOCOL=HTTP/1.1
REQUEST_METHOD=GET
QUERY_STRING=foo=bar&rod=moby
REQUEST_URI=/test/hello.php/some/info?foo=bar&rod=moby
SCRIPT_NAME=/test/hello.php/some/info

...giving the correct script-URI::

https://f14dev1.catseye.org:443/test/hello.php/some/info?foo=bar&rod=moby


I apologize for the length of this reply, but I wanted to show that I was
thorough, expose any mistakes I may have made for everyone to see, and allow
others to compare their results to mine.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message