httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <Ken.C...@Golux.Com>
Subject Re: CGI / App servers and OPTIONS requests
Date Fri, 26 Mar 1999 16:04:08 GMT
Brian Lloyd wrote:
> So far the DAV effort has gone exceedingly well - there is only one
> problem when running behind apache that I'd like to propose some
> possible solutions and get people's reactions:
> Currently CGIs / app servers are prevented from responding to http
> OPTIONS requests, due to a snippet of code in mod_cgi (in the
> cgi_handler function):
>     if (r->method_number == M_OPTIONS) {
>         /* 99 out of 100 CGI scripts, this is all they support */
>         r->allowed |= (1 << M_GET);
>         r->allowed |= (1 << M_POST);
>         return DECLINED;
>     }
> This effectively prevents a cgi from handling an OPTIONS request,
> which a back-end application server needs to do in order to support
> DAV.

It never rains but it pours..  CGI/1.1 scripts generally don't
expect to get anything except GET or POST, and I suspect that
more than 75% of them don't even check REQUEST_METHOD.  However,
I've been looking at the whole aspect of how Apache 1.3 handles
methods -- of which this OPTIONS thing is just a part -- and
working out a replacement.  There are problems with Apache modules
as well as CGI scripts.

Our current draft for CGI/1.1 says that OPTIONS is essentially
inappropriate for scripts, but that's going to be changed (or
debated, at least) for CGI/1.2.

In the meantime, I think the lowest-impact workaround would be
adding a directive to mod_cgi to control, on a per-directory
basis, whether OPTIONS requests are passed to scripts or given
the current treatment.
#ken    P-)}

Ken Coar                    <http://Web.Golux.Com/coar/>
Apache Group member         <>
"Apache Server for Dummies" <http://Web.Golux.Com/coar/ASFD/>

View raw message