httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sl...@locus.apache.org
Subject cvs commit: httpd-docs-2.0/htdocs/manual index.html env.html
Date Wed, 11 Oct 2000 21:56:57 GMT
slive       00/10/11 14:56:55

  Modified:    htdocs/manual index.html env.html
  Log:
  Change env.html from a specific discussion of special-purpose environment
  variables to a general discussion of environment variables in Apache.
  
  Revision  Changes    Path
  1.7       +1 -1      httpd-docs-2.0/htdocs/manual/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/index.html,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- index.html	2000/09/12 16:34:48	1.6
  +++ index.html	2000/10/11 21:56:54	1.7
  @@ -39,7 +39,7 @@
   <LI><A HREF="dso.html">Dynamic Shared Object (DSO) support</A>
   <LI><A HREF="handler.html">Handlers</A>
   <LI><A HREF="content-negotiation.html">Content negotiation</A>
  -<LI><A HREF="env.html">Special purpose environment variables</A>
  +<LI><A HREF="env.html">Environment Variables</A>
   <LI><A HREF="misc/API.html">The Apache API</A>
   <LI><A HREF="suexec.html">Using SetUserID Execution for CGI</A>
   </UL>
  
  
  
  1.10      +201 -7    httpd-docs-2.0/htdocs/manual/env.html
  
  Index: env.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/env.html,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- env.html	1999/05/04 19:17:37	1.9
  +++ env.html	2000/10/11 21:56:54	1.10
  @@ -13,7 +13,136 @@
    ALINK="#FF0000"
   >
   <!--#include virtual="header.html" -->
  -<H1 ALIGN="CENTER">Special Purpose Environment Variables</H1>
  +<h1 align="center">Environment Variables in Apache</h1>
  +
  +<p>Many operating systems provide a facility for storage and
  +transmission of information called environment variables.  Apache uses
  +environment variables in many ways to control operations and to
  +communicate with other programs like CGI scripts.  This document
  +explains some of the ways to use environment variables in Apache.</p>
  +
  +<ul>
  +<li><a href="#setting">Setting Environment Variables</a></li>
  +<li><a href="#using">Using Environment Variables</a></li>
  +<li><a href="#special">Special Purpose Environment Variables</a></li>
  +<li><a href="#examples">Examples</a></li>
  +</ul>
  +
  +<hr>
  +
  +<h2><a name="setting">Setting Environment Variables</a></h2>
  +
  +<h3>Related Modules</h3>
  +
  +<ul>
  +<li><a href="mod/mod_env.html">mod_env</a></li>
  +<li><a href="mod/mod_rewrite.html">mod_rewrite</a></li>
  +<li><a href="mod/mod_setenvif.html">mod_setenvif</a></li>
  +<li><a href="mod/mod_unique_id.html">mod_unique_id</a></li>
  +</ul>
  +
  +<h3>Related Directives</h3>
  +
  +<ul>
  +<li><A HREF="mod/mod_setenvif.html#BrowserMatch">BrowserMatch</A></li>
  +<li><A HREF="mod/mod_setenvif.html#BrowserMatchNoCase">BrowserMatchNoCase</A></li>
  +<li><A HREF="mod/mod_env.html#passenv">PassEnv</A></li>
  +<li><A HREF="mod/mod_rewrite.html#RewriteRule">RewriteRule</A></li>
  +<li><A HREF="mod/mod_env.html#setenv">SetEnv</A></li>
  +<li><A HREF="mod/mod_setenvif.html#SetEnvIf">SetEnvIf</A></li>
  +<li><A HREF="mod/mod_setenvif.html#SetEnvIfNoCase">SetEnvIfNoCase</A></li>
  +<li><A HREF="mod/mod_env.html#unsetenv">UnsetEnv</A></li>
  +</ul>
  +
  +<p>The most basic way to set an environment variable in Apache is
  +using the unconditional <code>SetEnv</code> directive.  Variables
  +may also be passed from the environment when Apache is started
  +using the <code>PassEnv</code> directive.</p>
  +
  +<p>The directives provided by mod_setenvif allow environment variables
  +to be set on a per-request basis based on characteristics of particular
  +requests.  For example, a variable could be set only when a specific
  +browser (User-Agent) is making a request, or only when a specific
  +Referer header is found.  Even more flexibility is available through the
  +mod_rewrite's <code>RewriteRule</code> which uses the
  +<code>[E=...]</code> option to set environment variables.</p>
  +
  +<p>Finally, mod_unique_id sets the environment variable
  +<code>UNIQUE_ID</code> for each request to a value which is guaranteed
  +to be unique across "all" requests under very specific conditions.</p>
  +
  +<hr>
  +
  +<h2><a name="using">Using Environment Variables</a></h2>
  +
  +<h3>Related Modules</h3>
  +
  +<ul>
  +<li><a href="mod/mod_access.html">mod_access</a></li>
  +<li><a href="mod/mod_cgi.html">mod_cgi</a></li>
  +<li><a href="mod/mod_include.html">mod_include</a></li>
  +<li><a href="mod/mod_log_config.html">mod_log_config</a></li>
  +<li><a href="mod/mod_rewrite.html">mod_rewrite</a></li>
  +</ul>
  +
  +<h3>Related Directives</h3>
  +
  +<ul>
  +<LI><A HREF="mod/mod_access.html#allowfromenv">Allow from env=</A></li>
  +<li><a href="mod/mod_log_config.html#customlog-conditional">CustomLog
  +(conditional)</a></li>
  +<LI><A HREF="mod/mod_access.html#denyfromenv">Deny from env=</A></li>
  +<li><a href="mod/mod_log_config.html#logformat">LogFormat</a></li>
  +<LI><A HREF="mod/mod_rewrite.html#RewriteCond">RewriteCond</A></li>
  +<LI><A HREF="mod/mod_rewrite.html#RewriteRule">RewriteRule</A></li>
  +</ul>
  +
  +
  +<p>One of the primary uses of environment variables is to communicate
  +information to CGI scripts.  In addition to all environment variables
  +set within Apache, CGI scripts are provided with a set of
  +meta-information about the request as provided for in the <a
  +href="misc/FAQ.html#cgi-spec">CGI specification</a>.  If you are using
  +<a href="suexec.html">Suexec</a> to execute CGI scripts under
  +different userids, note that the environment will be cleaned down to a
  +set of <em>safe</em> environment variables before the CGI script is
  +executed.  The set of safe environment variables is defined at
  +compile time in <code>suexec.c</code>.
  +</p>
  +
  +<p>Server-parsed (SSI) documents processed by mod_include's
  +<code>server-parsed</code> handler can print environment variables
  +using the <code>echo</code> element, and can use environment variables
  +in flow control elements.
  +</p>
  +
  +<p>Access to the server can be controlled based on the value of
  +environment variables using the <code>allow from env=</code> and
  +<code>deny from env=</code></a> directives.  In combination with
  +<code>SetEnvIf</code>, this allows for flexible control of access to
  +the server based on characteristics of the client.  For example, you
  +can use these directives to deny access to a particular browser
  +(User-Agent).
  +</p>
  +
  +<p>Environment variables can be logged in the access log using the
  +<code>LogFormat</code> option <code>%e</code>.  In addition, the
  +decision on whether or not to log requests can be made based on the
  +status of environment variables using the conditional form of the
  +<code>CustomLog</code> directive.  In combination with
  +<code>SetEnvIf</code> this allows for flexible control of which
  +requests are logged.  For example, you can choose not to log requests
  +for filenames ending in <code>gif</code>, or you can choose to only
  +log requests from clients which are outside your subnet.
  +</p>
  +
  +<p>The <code>%{ENV:...}</code> form of <em>TestString</em>
in the
  +<code>RewriteCond</code> allows mod_rewrite's rewrite engine to make
  +decisions conditional on environment variables.
  +
  +<hr>
  +
  +<H2><a name="special">Special Purpose Environment Variables</a></H2>
   <P>
   Interoperability problems have led to the introduction of
   mechanisms to modify the way Apache behaves when talking to particular
  @@ -51,13 +180,78 @@
   
   <H2>nokeepalive</H2>
   <P>
  -This disables <A HREF="mod/core.html#keepalive">KeepAlive</A> when set. Because
  -of problems with Netscape 2.x and KeepAlive, we recommend the following
  -directive be used:
  +This disables <A HREF="mod/core.html#keepalive">KeepAlive</A> when set.
   </P>
  -<PRE>
  -    BrowserMatch Mozilla/2 nokeepalive
  -</PRE>
  +
  +
  +<hr>
  +
  +<h2><a name="examples">Examples</a></h2>
  +
  +<h3>Changing protocol behavior with misbehaving clients</h3>
  +
  +<p>We recommend that the following lines be included in httpd.conf
  +to deal with known client problems.</p>
  +
  +<pre>
  +#
  +# The following directives modify normal HTTP response behavior.
  +# The first directive disables keepalive for Netscape 2.x and browsers that
  +# spoof it. There are known problems with these browser implementations.
  +# The second directive is for Microsoft Internet Explorer 4.0b2
  +# which has a broken HTTP/1.1 implementation and does not properly
  +# support keepalive when it is used on 301 or 302 (redirect) responses.
  +#
  +BrowserMatch "Mozilla/2" nokeepalive
  +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
  +
  +#
  +# The following directive disables HTTP/1.1 responses to browsers which
  +# are in violation of the HTTP/1.0 spec by not being able to grok a
  +# basic 1.1 response.
  +#
  +BrowserMatch "RealPlayer 4\.0" force-response-1.0
  +BrowserMatch "Java/1\.0" force-response-1.0
  +BrowserMatch "JDK/1\.0" force-response-1.0
  +</pre>
  +
  +<h3>Do not log requests for images in the access log</h3>
  +
  +<p>This example keeps requests for images from appearing
  +in the access log.  It can be easily modified to prevent logging
  +of particular directories, or to prevent logging of requests
  +coming from particular hosts.</p>
  +
  +<pre>
  +    SetEnvIf Request_URI \.gif image-request
  +    SetEnvIf Request_URI \.jpg image-request
  +    SetEnvIf Request_URI \.png image-request
  +    CustomLog logs/access_log env=!image-request
  +</pre>
  +
  +<h3>Prevent &quot;Image Theft&quot;</h3>
  +
  +<p>This example shows how to keep people not on your server from using
  +images on your server as inline-images on their pages.  This is not 
  +a recommended configuration, but it can work in limited 
  +circumstances.  We assume that all your images are in a directory
  +called /web/images.</p>
  +
  +<pre>
  +    SetEnvIf Referer "^http://www.example.com/" local_referal
  +    # Allow browsers that do not send Referer info
  +    SetEnvIf Referer "^$" local_referal
  +    &lt;Directory /web/images&gt;
  +       Order Deny,Allow
  +       Deny from all
  +       Allow from env=local_referal
  +    &lt;/Directory&gt;
  +</pre>
  +
  +<p>For more information about this technique, see the ApacheToday
  +tutorial &quot;<a
  +href="http://apachetoday.com/news_story.php3?ltsn=2000-06-14-002-01-PS">Keeping
  +Your Images from Adorning Other Sites</a>&quot;.</p>
   
   <!--#include virtual="footer.html" -->
   </BODY>
  
  
  

Mime
View raw message