www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-09-13 22:01:52 +03:00
Code Activity

markup & formatting

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98066 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
André Malo
2002-12-22 15:22:49 +00:00
parent 7ebbc7c91d
commit 846c8dc55f
2 changed files with 212 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files

214
docs/manual/howto/cgi.html.en
View File

@@ -60,32 +60,29 @@
it, when that particular resource is requested by a
client.</p>
<p>The
<code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
<p>The <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
directive looks like:</p>
<div class="example"><p><code>ScriptAlias /cgi-bin/ /usr/local/apache/cgi-bin/</code></p></div>
<p>The example shown is from your default
<code>httpd.conf</code>
<div class="example"><p><code>
ScriptAlias /cgi-bin/ /usr/local/apache/cgi-bin/
</code></p></div>
<p>The example shown is from your default <code>httpd.conf</code>
configuration file, if you installed Apache in the default
location. The <code>ScriptAlias</code> directive is much like the
<code>Alias</code> directive, which defines a URL prefix that
is to mapped to a particular directory. <code>Alias</code>
and <code>ScriptAlias</code> are usually used for directories
that are outside of the <code>DocumentRoot</code> directory.
The difference between <code>Alias</code> and
<code>ScriptAlias</code> is that <code>ScriptAlias</code>
has the added meaning that everything under that URL prefix
will be considered a CGI program. So, the example above tells
Apache that any request for a resource beginning with
<code>/cgi-bin/</code> should be served from the directory
<code>/usr/local/apache/cgi-bin/</code>, and should be treated
as a CGI program.</p>
location. The <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
directive is much like the <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> directive, which defines a URL prefix that
is to mapped to a particular directory. <code class="directive">Alias</code>
and <code class="directive">ScriptAlias</code> are usually used for
directories that are outside of the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directory. The difference between
<code class="directive">Alias</code> and <code class="directive">ScriptAlias</code>
is that <code class="directive">ScriptAlias</code> has the added meaning
that everything under that URL prefix will be considered a CGI
program. So, the example above tells Apache that any request for a
resource beginning with <code>/cgi-bin/</code> should be served from
the directory <code>/usr/local/apache/cgi-bin/</code>, and should be
treated as a CGI program.</p>
<p>For example, if the URL
<p>For example, if the URL
<code>http://www.example.com/cgi-bin/test.pl</code>
is requested, Apache will attempt to execute the file
<code>/usr/local/apache/cgi-bin/test.pl</code>
@@ -97,66 +94,71 @@
<h3><a name="nonscriptalias" id="nonscriptalias">CGI outside of ScriptAlias directories</a></h3>
<p>CGI programs are often restricted to
<code>ScriptAlias</code>'ed directories for security reasons.
In this way,
administrators can tightly control who is allowed to use CGI
programs. However, if the proper security precautions are
<p>CGI programs are often restricted to <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>'ed directories for security reasons.
In this way, administrators can tightly control who is allowed to
use CGI programs. However, if the proper security precautions are
taken, there is no reason why CGI programs cannot be run from
arbitrary directories. For example, you may wish to let users
have web content in their home directories with the
<code>UserDir</code> directive. If they want to have their own
CGI programs, but don't have access to the main
<code>cgi-bin</code> directory, they will need to be able to
<code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> directive.
If they want to have their own CGI programs, but don't have access to
the main <code>cgi-bin</code> directory, they will need to be able to
run CGI programs elsewhere.</p>
<h3><a name="options" id="options">Explicitly using Options to permit CGI execution</a></h3>
<p>You could explicitly use the <code>Options</code>
directive, inside your main server configuration file, to
specify that CGI execution was permitted in a particular
<p>You could explicitly use the <code class="directive"><a href="../mod/core.html#options">Options</a></code> directive, inside your main server configuration
file, to specify that CGI execution was permitted in a particular
directory:</p>
<div class="example"><p><code>&lt;Directory /usr/local/apache/htdocs/somedir&gt; <br />
Options +ExecCGI<br />
&lt;/Directory&gt;</code></p></div>
<div class="example"><p><code>
&lt;Directory /usr/local/apache/htdocs/somedir&gt;<br />
<span class="indent">
Options +ExecCGI<br />
</span>
&lt;/Directory&gt;
</code></p></div>
<p>The above directive tells Apache to permit the execution
of CGI files. You will also need to tell the server what
files are CGI files. The following
<code>AddHandler</code>
files are CGI files. The following <code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> directive tells the server to treat all
files with the <code>cgi</code> or <code>pl</code> extension as CGI
programs:</p>
directive tells the server to treat all files with the
<code>cgi</code> or <code>pl</code> extension as CGI programs:</p>
<div class="example"><p><code>AddHandler cgi-script cgi pl</code></p></div>
<div class="example"><p><code>
AddHandler cgi-script cgi pl
</code></p></div>
<h3><a name="htaccess" id="htaccess">.htaccess files</a></h3>
<p>A <code>.htaccess</code> file is a way to set configuration
directives on a per-directory basis. When Apache serves a
resource, it looks in the directory from which it is serving
<p>A <a href="htaccess.html"><code>.htaccess</code> file</a> is a way
to set configuration directives on a per-directory basis. When Apache
serves a resource, it looks in the directory from which it is serving
a file for a file called <code>.htaccess</code>, and, if it
finds it, it will apply directives found therein.
<code>.htaccess</code> files can be permitted with the
<code>AllowOverride</code> directive, which specifies what
types of directives can
<code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> directive,
which specifies what types of directives can
appear in these files, or if they are not allowed at all. To
permit the directive we will need for this purpose, the
following configuration will be needed in your main server
configuration:</p>
<div class="example"><p><code>AllowOverride Options</code></p></div>
<div class="example"><p><code>
AllowOverride Options
</code></p></div>
<p>In the <code>.htaccess</code> file, you'll need the
following directive:</p>
<div class="example"><p><code>Options +ExecCGI</code></p></div>
<div class="example"><p><code>
Options +ExecCGI
</code></p></div>
<p>which tells Apache that execution of CGI programs is
permitted in this directory.</p>
@@ -174,7 +176,9 @@
what sort of content it is receiving. Most of the time, this
will look like:</p>
<div class="example"><p><code>Content-type: text/html</code></p></div>
<div class="example"><p><code>
Content-type: text/html
</code></p></div>
<p>Secondly, your output needs to be in HTML, or some other
format that a browser will be able to display. Most of the
@@ -193,9 +197,10 @@
file called <code>first.pl</code>, and put it in your
<code>cgi-bin</code> directory.</p>
<div class="example"><p><code>#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
print "Hello, World.";
<div class="example"><p><code>
#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
print "Hello, World.";
</code></p></div>
<p>Even if you are not familiar with Perl, you should be able
@@ -207,20 +212,20 @@
talked about, followed by two carriage-return newline pairs.
This puts a blank line after the header, to indicate the end
of the HTTP headers, and the beginning of the body. The third
line prints the string ``Hello, World.'' And that's the end
line prints the string "Hello, World.". And that's the end
of it.</p>
<p>If you open your favorite browser and tell it to get the
address</p>
<div class="example"><p><code>http://www.example.com/cgi-bin/first.pl</code></p></div>
<div class="example"><p><code>
http://www.example.com/cgi-bin/first.pl
</code></p></div>
<p>or wherever you put your file, you will see the one line
<code>Hello, World.</code>
appear in your browser window. It's not very exciting, but
once you get that working, you'll have a good chance of
getting just about anything working.</p>
<code>Hello, World.</code> appear in your browser window.
It's not very exciting, but once you get that working, you'll
have a good chance of getting just about anything working.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
@@ -232,35 +237,21 @@
<dl>
<dt>The output of your CGI program</dt>
<dd>Great! That means everything worked fine.
</dd>
<dd>Great! That means everything worked fine.</dd>
<dt>The source code of your CGI program or a "POST Method Not
Allowed" message</dt>
<dd>That means that you have not properly configured Apache
to process your CGI program. Reread the section on
<a href="#configuringapachetopermitcgi">configuring
Apache</a>
and try to find what you missed.
</dd>
Apache</a> and try to find what you missed.</dd>
<dt>A message starting with "Forbidden"</dt>
<dd>That means that there is a permissions problem. Check the
<a href="#errorlogs">Apache error log</a>
and the section below on
<a href="#permissions">file permissions</a>.
<br />
</dd>
<a href="#errorlogs">Apache error log</a> and the section below on
<a href="#permissions">file permissions</a>.</dd>
<dt>A message saying "Internal Server Error"</dt>
<dd>If you check the
<a href="#errorlogs">Apache error log</a>, you will probably
find that it says "Premature end of
@@ -276,22 +267,23 @@
<p>Remember that the server does not run as you. That is,
when the server starts up, it is running with the permissions
of an unprivileged user - usually ``nobody'', or ``www'' -
and so it will need extra permissions to execute files that
are owned by you. Usually, the way to give a file sufficient
permissions to be executed by ``nobody'' is to give everyone
execute permission on the file:</p>
of an unprivileged user - usually <code>nobody</code>, or
<code>www</code> - and so it will need extra permissions to
execute files that are owned by you. Usually, the way to give
a file sufficient permissions to be executed by <code>nobody</code>
is to give everyone execute permission on the file:</p>
<div class="example"><p><code>chmod a+x first.pl</code></p></div>
<div class="example"><p><code>
chmod a+x first.pl
</code></p></div>
<p>Also, if your program reads from, or writes to, any other
files, those files will need to have the correct permissions
to permit this.</p>
<p>The exception to this is when the server is configured to
use <a href="../suexec.html">suexec</a>.
This program allows CGI programs to be run under different
use <a href="../suexec.html">suexec</a>. This program allows
CGI programs to be run under different
user permissions, depending on which virtual host or user
home directory they are located in. Suexec has very strict
permission checking, and any failure in that checking will
@@ -319,7 +311,9 @@
interpreter (often <code>perl</code>) indicated in the first
line of your CGI program, which will look something like:</p>
<div class="example"><p><code>#!/usr/bin/perl</code></p></div>
<div class="example"><p><code>
#!/usr/bin/perl
</code></p></div>
<p>Make sure that this is in fact the path to the
interpreter.</p>
@@ -356,7 +350,7 @@
become useful to understand more about what's happening behind
the scenes. Specifically, how the browser and server
communicate with one another. Because although it's all very
well to write a program that prints ``Hello, World.'', it's not
well to write a program that prints "Hello, World.", it's not
particularly useful.</p>
<h3><a name="env" id="env">Environment variables</a></h3>
@@ -379,9 +373,7 @@
<p>These variables are available to the CGI programmer, and
are half of the story of the client-server communication. The
complete list of required variables is at
<a href="http://hoohoo.ncsa.uiuc.edu/cgi/env.html">
http://hoohoo.ncsa.uiuc.edu/cgi/env.html</a>
</p>
<a href="http://hoohoo.ncsa.uiuc.edu/cgi/env.html">http://hoohoo.ncsa.uiuc.edu/cgi/env.html</a>.</p>
<p>This simple Perl CGI program will display all of the
environment variables that are being passed around. Two
@@ -393,15 +385,17 @@
see some variables listed that were not in the official list.
In addition, Apache provides many different ways for you to
<a href="../env.html">add your own environment variables</a>
to the basic ones provided by default.</p>
<div class="example"><p><code>
#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
foreach $key (keys %ENV) {<br />
print "$key --&gt; $ENV{$key}&lt;br&gt;";<br />
}</code></p></div>
#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
foreach $key (keys %ENV) {<br />
<span class="indent">
print "$key --&gt; $ENV{$key}&lt;br&gt;";<br />
</span>
}
</code></p></div>
<h3><a name="stdin" id="stdin">STDIN and STDOUT</a></h3>
@@ -420,7 +414,7 @@
The program then can process that data as though it was
coming in from the keyboard, or from a file</p>
<p>The ``special format'' is very simple. A field name and
<p>The "special format" is very simple. A field name and
its value are joined together with an equals (=) sign, and
pairs of values are joined together with an ampersand
(&amp;). Inconvenient characters like spaces, ampersands, and
@@ -429,7 +423,7 @@
something like:</p>
<div class="example"><p><code>
name=Rich%20Bowen&amp;city=Lexington&amp;state=KY&amp;sidekick=Squirrel%20Monkey
name=Rich%20Bowen&amp;city=Lexington&amp;state=KY&amp;sidekick=Squirrel%20Monkey
</code></p></div>
<p>You'll sometimes also see this type of string appended to
@@ -456,14 +450,13 @@
<p>If you're writing CGI programs in Perl, modules are
available on <a href="http://www.cpan.org/">CPAN</a>. The most
popular module for this purpose is CGI.pm. You might
also consider CGI::Lite, which implements a minimal set of
functionality, which is all you need in most programs.</p>
popular module for this purpose is <code>CGI.pm</code>. You might
also consider <code>CGI::Lite</code>, which implements a minimal
set of functionality, which is all you need in most programs.</p>
<p>If you're writing CGI programs in C, there are a variety of
options. One of these is the CGIC library, from
<a href="http://www.boutell.com/cgic/">http://www.boutell.com/cgic/</a>
</p>
options. One of these is the <code>CGIC</code> library, from
<a href="http://www.boutell.com/cgic/">http://www.boutell.com/cgic/</a>.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="moreinfo" id="moreinfo">For more information</a></h2>
@@ -471,20 +464,15 @@
<p>There are a large number of CGI resources on the web. You
can discuss CGI problems with other users on the Usenet group
comp.infosystems.www.authoring.cgi. And the -servers mailing
<a href="news:comp.infosystems.www.authoring.cgi">comp.infosystems.www.authoring.cgi</a>. And the -servers mailing
list from the HTML Writers Guild is a great source of answers
to your questions. You can find out more at
<a href="http://www.hwg.org/lists/hwg-servers/">
http://www.hwg.org/lists/hwg-servers/</a>
</p>
<a href="http://www.hwg.org/lists/hwg-servers/">http://www.hwg.org/lists/hwg-servers/</a>.</p>
<p>And, of course, you should probably read the CGI
specification, which has all the details on the operation of
CGI programs. You can find the original version at the
<a href="http://hoohoo.ncsa.uiuc.edu/cgi/interface.html">
NCSA</a>
and there is an updated draft at the
<a href="http://hoohoo.ncsa.uiuc.edu/cgi/interface.html">NCSA</a> and there is an updated draft at the
<a href="http://web.golux.com/coar/cgi/">Common Gateway
Interface RFC project</a>.</p>