httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <>
Subject Re: request method of internal redirects
Date Thu, 04 Jan 1996 03:39:04 GMT
On Wed, 3 Jan 1996, Adam Sussman wrote:

> In the internal_redirect() function, an assumption is made that the new request
> can -only- be a GET request.  The comment just above the bit that hard codes
> the new request into a GET states that there is no possible way for the
> redirect to be getting POST style arguments.

Hmm. I suppose this is due to the way internal redirects are used in CGI 
scripts. If a CGI script gives out "Location: /whatever", it sends an 
internal redirect, after soaking up all the POST input. I guess the 
theory being that if you were going to another file or CGI script, you'd 
already have processed the POST data, so you then would want to emulate a 
GET. This is the only explanation I can think of.

> I have managed to find a way :).  In using the mod_actions.c module to post
> process certain html files, you can make a POST request to a document that
> gets internaly redirected via this module.  When it is redirected, all of the
> environment variables and standard input associated with the POST data are 
> preserved.  However, since the new redirected request is hard set to a GET,
> scripts which deal with the input can't test the REQUEST_METHOD variable
> to determine that it is actualy a POST request.

Oh. Ouch. This is a good point. Also, mod_dir uses internal redirects 
with index files (which someone might want to POST to), mod_negotiation 
uses them for type map (.var)-negotated files. http_request.c uses them 
for error documents as well. Conceivible one might want to POST to at 
least the first two, certainly.

I vote that internal_redirect should keep the method the same, and 
mod_cgi.c should set the method explicitly to GET, to keep the CGI 
behavior. Unless anyone objects, I'll write a patch and submit it for 
1.1b1. I can't think of any other reason to change the request to GET, 
save for CGI scripts.

--/ Alexei Kosut <> /--------/ Lefler on IRC
----------------------------/ <>
The viewpoints expressed above are entirely false, and in no way
represent Alexei Kosut nor any other person or entity. /--------------

View raw message