You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "Roy T. Fielding" <fi...@gbiv.com> on 2005/10/15 21:40:59 UTC
[PATCH] remove block on OPTIONS from mod_cgi
I objected to this code when it was first added (13 Aug 1996)
as part of Alexei's huge HTTP/1.1 patch and for some unknown
reason I forgot to remove it.
<http://mail-archives.apache.org/mod_mbox/httpd-dev/199608.mbox/
%3c9608132318.aa12603@paris.ics.uci.edu%3e>
It has been featured in multiple PRs since then for both GNATS (4490)
and Bugzilla (PR 15242). Are there any objections to removing it now,
both here and in mod_cgid? It is currently preventing folks from
implementing new services (WEBDAV and Atom, among others) via CGI.
....Roy
Index: mod_cgi.c
===================================================================
--- mod_cgi.c (revision 321466)
+++ mod_cgi.c (working copy)
@@ -756,13 +756,6 @@
p = r->main ? r->main->pool : r->pool;
- if (r->method_number == M_OPTIONS) {
- /* 99 out of 100 CGI scripts, this is all they support */
- r->allowed |= (AP_METHOD_BIT << M_GET);
- r->allowed |= (AP_METHOD_BIT << M_POST);
- return DECLINED;
- }
-
argv0 = apr_filepath_name_get(r->filename);
nph = !(strncmp(argv0, "nph-", 4));
conf = ap_get_module_config(r->server->module_config, &cgi_module);
Re: [PATCH] remove block on OPTIONS from mod_cgi
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Roy T.Fielding wrote:
> It has been featured in multiple PRs since then for both GNATS (4490)
> and Bugzilla (PR 15242). Are there any objections to removing it now,
> both here and in mod_cgid? It is currently preventing folks from
> implementing new services (WEBDAV and Atom, among others) via CGI.
++1. Although it's really time for the CGI spec rev 1.2 or 2.0 to spell
out for authors what to expect. And, if we fail to get a spec through,
at least a reference document for Apache httpd cgi authors would be good.
Bill
Re: [PATCH] remove block on OPTIONS from mod_cgi
Posted by Paul Querna <ch...@force-elite.com>.
Roy T.Fielding wrote:
> I objected to this code when it was first added (13 Aug 1996)
> as part of Alexei's huge HTTP/1.1 patch and for some unknown
> reason I forgot to remove it.
+1, remove it from here and mod_cgid
>
> <http://mail-archives.apache.org/mod_mbox/httpd-dev/199608.mbox/%3c9608132318.aa12603@paris.ics.uci.edu%3e>
>
>
> It has been featured in multiple PRs since then for both GNATS (4490)
> and Bugzilla (PR 15242). Are there any objections to removing it now,
> both here and in mod_cgid? It is currently preventing folks from
> implementing new services (WEBDAV and Atom, among others) via CGI.
>
> ....Roy
>
>
> Index: mod_cgi.c
> ===================================================================
> --- mod_cgi.c (revision 321466)
> +++ mod_cgi.c (working copy)
> @@ -756,13 +756,6 @@
>
> p = r->main ? r->main->pool : r->pool;
>
> - if (r->method_number == M_OPTIONS) {
> - /* 99 out of 100 CGI scripts, this is all they support */
> - r->allowed |= (AP_METHOD_BIT << M_GET);
> - r->allowed |= (AP_METHOD_BIT << M_POST);
> - return DECLINED;
> - }
> -
> argv0 = apr_filepath_name_get(r->filename);
> nph = !(strncmp(argv0, "nph-", 4));
> conf = ap_get_module_config(r->server->module_config, &cgi_module);
Re: [PATCH] remove block on OPTIONS from mod_cgi
Posted by André Malo <nd...@perlig.de>.
* Roy T. Fielding wrote:
> On Oct 15, 2005, at 12:54 PM, André Malo wrote:
> > I'm wondering, how many scripts this will break. Perhaps we should
> > provide
> > an option?
>
> It can't break a script. It could expose a broken script,
That's what I meant ;)
> but then
> those scripts are already exposed to all of the other methods.
But that's true as well. Alright, +1 from here.
nd
--
"Das Verhalten von Gates hatte mir bewiesen, dass ich auf ihn und seine
beiden Gefährten nicht zu zählen brauchte" -- Karl May, "Winnetou III"
Im Westen was neues: <http://pub.perlig.de/books.html#apache2>
Re: [PATCH] remove block on OPTIONS from mod_cgi
Posted by "Roy T. Fielding" <fi...@gbiv.com>.
On Oct 15, 2005, at 12:54 PM, André Malo wrote:
> I'm wondering, how many scripts this will break. Perhaps we should
> provide
> an option?
It can't break a script. It could expose a broken script, but then
those scripts are already exposed to all of the other methods.
It is far better to fix the script locally than disable a feature
of HTTP globally out of fear that bugs might exist elsewhere.
In any case, the option is LimitExcept.
....Roy
Re: [PATCH] remove block on OPTIONS from mod_cgi
Posted by André Malo <nd...@perlig.de>.
* Roy T. Fielding wrote:
> I objected to this code when it was first added (13 Aug 1996)
> as part of Alexei's huge HTTP/1.1 patch and for some unknown
> reason I forgot to remove it.
>
> <http://mail-archives.apache.org/mod_mbox/httpd-dev/199608.mbox/
> %3c9608132318.aa12603@paris.ics.uci.edu%3e>
>
> It has been featured in multiple PRs since then for both GNATS (4490)
> and Bugzilla (PR 15242). Are there any objections to removing it now,
> both here and in mod_cgid? It is currently preventing folks from
> implementing new services (WEBDAV and Atom, among others) via CGI.
I'm wondering, how many scripts this will break. Perhaps we should provide
an option?
(+1 on concept)
nd
--
sub the($){+shift} sub answer (){ord q
[* It is always 42! *] }
print the answer
# André Malo # http://www.perlig.de/ #