Ensure it's abundently clear that these scripts may be bad news

with stupid-assed clients which contravine their prime directives, such as content-type, or do not harm humans. Flaws such as utf-7 decoding ensure that even txt->html transforms are insufficient. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@692727 13f79535-47bb-0310-9956-ffa450edef68
2025-08-01 07:26:57 +03:00 · 2008-09-06 20:26:15 +00:00
parent 0c13c0a269
commit d527d17cc5
2 changed files with 19 additions and 2 deletions
--- a/docs/cgi-examples/test-cgi
+++ b/docs/cgi-examples/test-cgi
@ -1,4 +1,12 @@
-#!/bin/sh
+#
+
+# To permit this cgi, replace # on the first line above with the
+# appropriate #!/path/to/sh shebang, and set this script executable
+# with chmod 755.
+#
+# Note that it is subject to cross site scripting attacks on MS IE
+# and any other browser which fails to honor RFC2616, so never use
+# it in a live server environment, it is provided only for testing.

 # disable filename globbing
 set -f