www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steven E.Brenner <cgi-...@pobox.com>
Subject config/1385: AddHander incorrectly interprprets extension of .cgi.txt
Date Mon, 10 Nov 1997 08:57:44 GMT

>Number:         1385
>Category:       config
>Synopsis:       AddHander incorrectly interprprets extension of .cgi.txt
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Nov 10 02:10:01 PST 1997
>Last-Modified:
>Originator:     cgi-lib@pobox.com
>Organization:
apache
>Release:        1.2.4
>Environment:
IRIX tao 5.3 02091401 IP22 mips
cc compiler
>Description:
In srm.conf, I uncommented the line:
    AddHandler cgi-script .cgi

However, this caused files like "foo.cgi.txt" to be executed
as CGI scripts, even though the extension was just ".txt" and
the file was not intended to be interpreted as as script.
>How-To-Repeat:
Create a file foo.cgi.txt, without execute permissions.  The
server will attempt to execute this file, fail, and generate
an error.

If it has execute permissions, the file will be executed.
>Fix:
Correct AddHander's detection of file extension.

A work-around is to use the line:
    AddType application/x-httpd-cgi .cg
>Audit-Trail:
>Unformatted:


Mime
View raw message