httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] CGI script runs under http, but browser tries to download under https
Date Tue, 14 Oct 2003 07:54:10 GMT
>-----Original Message-----
>From: David Christensen [mailto:dpchrist@holgerdanske.com]
>I've boiled down the issue to per-user public_html and cgi-bin
>directories, http vs. https.
>
>
>The issue is as follows:  I am running Debian 3.0r1 and have configured
>Apache to allow per-user public_html and cgi-bin directories.
>Everything works fine when I browse to a user's pages using http:
>
>1.  http://192.168.254.2/~ramdra3/hello.html -> ok
>
>2.  http://192.168.254.2/~ramdra3/cgi-bin/hello.pl -> ok
>
>
>But, the CGI scripts are downloaded rather than executed when I use
>https:
>
>3.  https://192.168.254.2/~ramdra3/hello.html -> ok
>
>4.  https://192.168.254.2/~ramdra3/cgi-bin/hello.pl -> not ok: 
>downloads

I don't understand how HTTPS works when you haven't defined any SSL VHs
- where are your SSL directives?

Assuming I'm just thick and that you really do have a plain HTTP VH on
port 80 and an SSL VH on port 443, then the problem would be that you
have incorrectly set up CGI processing in the SSL VH. If you check
http://httpd.apache.org/docs/howto/cgi.html#butitsstillnotworking you'll
see what to do if you get a source-code listing (basically, you haven't
told apache that the content is executable).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

>
>
>The symptom occurs with:
>
>a.  Mozilla 1.4.1 Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
>    rv:1.4.1) Gecko/20031008
>
>b.  Microsoft Internet Explorer 6.0.2800.1106
>
>c.  GNU Wget 1.8.2
>
>
>Apache version, httpd.conf, directory listings, and test file contents
>follow.
>
>
>Any suggestions?
>
>
>TIA,
>
>David
>--
>
>
>root@d3020g:~:CVS> uname -a
>Linux d3020g 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown
>
>
>
>root@d3020g:~:CVS> apache -V
>Server version: Apache/1.3.26 (Unix) Debian GNU/Linux
>Server built:   Oct 26 2002 09:15:15
>Server's Module Magic Number: 19990320:13
>Server compiled with....
> -D EAPI
> -D HAVE_MMAP
> -D HAVE_SHMGET
> -D USE_SHMGET_SCOREBOARD
> -D USE_MMAP_FILES
> -D HAVE_FCNTL_SERIALIZED_ACCEPT
> -D HAVE_SYSVSEM_SERIALIZED_ACCEPT
> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
> -D HTTPD_ROOT="/usr"
> -D SUEXEC_BIN="/usr/lib/apache/suexec"
> -D DEFAULT_PIDLOG="/var/run/apache.pid"
> -D DEFAULT_SCOREBOARD="/var/run/apache.scoreboard"
> -D DEFAULT_LOCKFILE="/var/run/apache.lock"
> -D DEFAULT_ERRORLOG="/var/log/apache/error.log"
> -D TYPES_CONFIG_FILE="/etc/mime.types"
> -D SERVER_CONFIG_FILE="/etc/apache/httpd.conf"
> -D ACCESS_CONFIG_FILE="/etc/apache/access.conf"
> -D RESOURCE_CONFIG_FILE="/etc/apache/srm.conf"
>
>
>
>root@d3020g:~/d3020g/etc/apache:CVS> cvs -q diff -r 1.1 httpd.conf
>Index: httpd.conf
>===================================================================
>RCS file: /cvs/dpchrist/d3020g/etc/apache/httpd.conf,v
>retrieving revision 1.1
>retrieving revision 1.9
>diff -r1.1 -r1.9
>314a315
>> ServerName 192.168.254.2
>395a397,400
>> <Directory /home/*/public_html/cgi-bin>
>>     Options +ExecCGI
>> </Directory>
>>
>780a786
>>     AddHandler cgi-script .pl
>
>
>root@d3020g:~/d3020g/etc/apache:CVS> grep -v '^[ ]*#'
>/etc/apache/httpd.conf | grep -v '^$'
>ServerType standalone
>ServerRoot /etc/apache
>LockFile /var/lock/apache.lock
>PidFile /var/run/apache.pid
>ScoreBoardFile /var/run/apache.scoreboard
>Timeout 300
>KeepAlive On
>MaxKeepAliveRequests 100
>KeepAliveTimeout 15
>MinSpareServers 5
>MaxSpareServers 10
>StartServers 5
>MaxClients 150
>MaxRequestsPerChild 100
>LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so
>LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config_ssl.so
>LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
>LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so
>LoadModule mime_module /usr/lib/apache/1.3/mod_mime_ssl.so
>LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
>LoadModule status_module /usr/lib/apache/1.3/mod_status.so
>LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
>LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
>LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
>LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
>LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
>LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
>LoadModule access_module /usr/lib/apache/1.3/mod_access.so
>LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so
>LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
>LoadModule unique_id_module /usr/lib/apache/1.3/mod_unique_id.so
>LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
>ExtendedStatus On
>Port 80
>User www-data
>Group www-data
>ServerAdmin webmaster@d3020g
>ServerName 192.168.254.2
>DocumentRoot /var/www
><Directory />
>    Options SymLinksIfOwnerMatch
>    AllowOverride None
></Directory>
><Directory /var/www/>
>    Options Indexes Includes FollowSymLinks MultiViews
>    AllowOverride None
>    Order allow,deny
>    Allow from all
></Directory>
><IfModule mod_userdir.c>
>    UserDir public_html
></IfModule>
><Directory /home/*/public_html>
>    AllowOverride FileInfo AuthConfig Limit
>    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
>    <Limit GET POST OPTIONS PROPFIND>
>        Order allow,deny
>        Allow from all
>    </Limit>
>    <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
>        Order deny,allow
>        Deny from all
>    </Limit>
></Directory>
><Directory /home/*/public_html/cgi-bin>
>    Options +ExecCGI
></Directory>
><IfModule mod_dir.c>
>    DirectoryIndex index.html index.htm index.shtml index.cgi
></IfModule>
>AccessFileName .htaccess
><Files ~ "^\.ht">
>    Order allow,deny
>    Deny from all
></Files>
>UseCanonicalName On
>TypesConfig /etc/mime.types
>DefaultType text/plain
><IfModule mod_mime_magic.c>
>    MIMEMagicFile share/magic
></IfModule>
>HostnameLookups Off
>ErrorLog /var/log/apache/error.log
>LogLevel warn
>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
>%T %v" full
>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
>%P %T" debug
>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" 
>\"%{User-Agent}i\""
>combined
>LogFormat "%h %l %u %t \"%r\" %>s %b" common
>LogFormat "%{Referer}i -> %U" referer
>LogFormat "%{User-agent}i" agent
>CustomLog /var/log/apache/access.log combined
>ServerSignature On
>Alias /icons/ /usr/share/apache/icons/
><Directory /usr/share/apache/icons>
>    Options Indexes MultiViews
>    AllowOverride None
>    Order allow,deny
>    Allow from all
></Directory>
>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
><Directory /usr/lib/cgi-bin/>
>    AllowOverride None
>    Options ExecCGI
>    Order allow,deny
>    Allow from all
></Directory>
><IfModule mod_autoindex.c>
>    IndexOptions FancyIndexing NameWidth=*
>    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>    AddIconByType (TXT,/icons/text.gif) text/*
>    AddIconByType (IMG,/icons/image2.gif) image/*
>    AddIconByType (SND,/icons/sound2.gif) audio/*
>    AddIconByType (VID,/icons/movie.gif) video/*
>    AddIcon /icons/binary.gif .bin .exe
>    AddIcon /icons/binhex.gif .hqx
>    AddIcon /icons/tar.gif .tar
>    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
>    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>    AddIcon /icons/a.gif .ps .ai .eps
>    AddIcon /icons/layout.gif .html .shtml .htm .pdf
>    AddIcon /icons/text.gif .txt
>    AddIcon /icons/c.gif .c
>    AddIcon /icons/p.gif .pl .py
>    AddIcon /icons/f.gif .for
>    AddIcon /icons/dvi.gif .dvi
>    AddIcon /icons/uuencoded.gif .uu
>    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
>    AddIcon /icons/tex.gif .tex
>    AddIcon /icons/bomb.gif core
>    AddIcon /icons/deb.gif .deb
>    AddIcon /icons/back.gif ..
>    AddIcon /icons/hand.right.gif README
>    AddIcon /icons/folder.gif ^^DIRECTORY^^
>    AddIcon /icons/blank.gif ^^BLANKICON^^
>    DefaultIcon /icons/unknown.gif
>    ReadmeName README
>    HeaderName HEADER
>    IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
></IfModule>
><IfModule mod_mime.c>
>    AddEncoding x-compress Z
>    AddEncoding x-gzip gz tgz
>    AddLanguage da .dk
>    AddLanguage nl .nl
>    AddLanguage en .en
>    AddLanguage et .ee
>    AddLanguage fr .fr
>    AddLanguage de .de
>    AddLanguage el .el
>    AddLanguage it .it
>    AddLanguage ja .ja
>    AddCharset ISO-2022-JP .jis
>    AddLanguage pl .po
>    AddCharset ISO-8859-2 .iso-pl
>    AddLanguage pt .pt
>    AddLanguage pt-br .pt-br
>    AddLanguage ltz .lu
>    AddLanguage ca .ca
>    AddLanguage es .es
>    AddLanguage sv .se
>    AddLanguage cz .cz
>    <IfModule mod_negotiation.c>
>        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca
>es sv
>    </IfModule>
>    AddType application/x-tar .tgz
>    AddType image/bmp .bmp
>    AddType text/x-hdml .hdml
>    AddHandler cgi-script .pl
></IfModule>
>AddDefaultCharset on
><IfModule mod_setenvif.c>
>    BrowserMatch "Mozilla/2" nokeepalive
>    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0
>force-response-1.0
>    BrowserMatch "RealPlayer 4\.0" force-response-1.0
>    BrowserMatch "Java/1\.0" force-response-1.0
>    BrowserMatch "JDK/1\.0" force-response-1.0
></IfModule>
><IfModule mod_perl.c>
>  Alias /perl/ /var/www/perl/
>  <Location /perl>
>    SetHandler perl-script
>    PerlHandler Apache::Registry
>    Options +ExecCGI
>  </Location>
></IfModule>
>Alias /doc/ /usr/share/doc/
><Location /doc>
>  order deny,allow
>  deny from all
>  allow from 127.0.0.0/255.0.0.0
>  Options Indexes FollowSymLinks MultiViews
></Location>
><IfModule mod_proxy.c>
></IfModule>
>
>
>
>ramdra3@d3020g:~:CVS> ll public_html/
>total 24
>drwxr-xr-x    4 ramdra3  ramdra3      4096 Oct 13 17:38 ./
>drwxr-xr-x   13 ramdra3  ramdra3      4096 Oct 13 17:38 ../
>drwxr-xr-x    2 ramdra3  ramdra3      4096 Oct 13 17:38 CVS/
>drwxr-xr-x    4 ramdra3  ramdra3      4096 Oct 13 17:38 cgi-bin/
>-rw-r--r--    1 ramdra3  ramdra3        55 Oct 13 17:38 hello.html
>-rw-r--r--    1 ramdra3  ramdra3       476 Oct 13 17:38 index.html
>
>
>
>ramdra3@d3020g:~:CVS> cat public_html/hello.html
><html><head></head><body>
>Hello, world!
></body></html>
>
>
>
>ramdra3@d3020g:~:CVS> ll public_html/cgi-bin/
>total 24
>drwxr-xr-x    4 ramdra3  ramdra3      4096 Oct 13 17:38 ./
>drwxr-xr-x    4 ramdra3  ramdra3      4096 Oct 13 17:38 ../
>drwxr-xr-x    2 ramdra3  ramdra3      4096 Oct 13 17:38 CVS/
>-rwxr-xr-x    1 ramdra3  ramdra3       119 Oct 13 17:38 hello.pl*
>drwxr-xr-x    3 ramdra3  ramdra3      4096 Oct 13 17:38 images/
>-rwxr-xr-x    1 ramdra3  ramdra3       244 Oct 13 17:38 ramdragon.pl*
>
>
>
>ramdra3@d3020g:~:CVS> cat public_html/cgi-bin/hello.pl
>#! /usr/bin/perl -wT
>
>print <<EOF;
>Content-Type: text/html
>
><html><head></head><body>
>Hello, world!
></body></html>
>EOF
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message