You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by "Steven E.Brenner" <cg...@pobox.com> on 1997/11/10 09:57:44 UTC

config/1385: AddHander incorrectly interprprets extension of .cgi.txt

>Number:         1385
>Category:       config
>Synopsis:       AddHander incorrectly interprprets extension of .cgi.txt
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Nov 10 02:10:01 PST 1997
>Last-Modified:
>Originator:     cgi-lib@pobox.com
>Organization:
apache
>Release:        1.2.4
>Environment:
IRIX tao 5.3 02091401 IP22 mips
cc compiler
>Description:
In srm.conf, I uncommented the line:
    AddHandler cgi-script .cgi

However, this caused files like "foo.cgi.txt" to be executed
as CGI scripts, even though the extension was just ".txt" and
the file was not intended to be interpreted as as script.
>How-To-Repeat:
Create a file foo.cgi.txt, without execute permissions.  The
server will attempt to execute this file, fail, and generate
an error.

If it has execute permissions, the file will be executed.
>Fix:
Correct AddHander's detection of file extension.

A work-around is to use the line:
    AddType application/x-httpd-cgi .cg
>Audit-Trail:
>Unformatted: