| <?xml version="1.0"?> |
| <!DOCTYPE xml:manual [ <!ENTITY nbsp " "> ]> |
| <?xml-stylesheet type="text/xsl" href="../style/manual.xsl"?> |
| <modulesynopsis> |
| |
| <name>mod_cgi</name> |
| <description>Execution of CGI scripts</description> |
| <status>Base</status> |
| <sourcefile>mod_cgi.c</sourcefile> |
| <identifier>cgi_module</identifier> |
| |
| <summary> |
| <!-- XXX: Should have references to CGI definition/RFC --> |
| <!-- XXX: Should mention Options ExecCGI --> |
| <!-- XXX: Should mention AcceptPathInfo --> |
| |
| <p>Any file that has the mime type |
| <code>application/x-httpd-cgi</code> or handler |
| <code>cgi-script</code> (Apache 1.1 or later) will be treated |
| as a CGI script, and run by the server, with its output being |
| returned to the client. Files acquire this type either by |
| having a name containing an extension defined by the |
| <directive module="mod_mime">AddType</directive> directive, or by being |
| in a <directive module="mod_alias">ScriptAlias</directive> |
| directory.</p> |
| |
| <p>When the server invokes a CGI script, it will add a variable |
| called <code>DOCUMENT_ROOT</code> to the environment. This |
| variable will contain the value of the |
| <directive module="core.html">DocumentRoot</directive> configuration |
| variable.</p> |
| |
| <p>For an introduction to using CGI scripts with Apache, see |
| our tutorial on <a href="../howto/cgi.html">Dynamic Content |
| With CGI</a>.</p> |
| |
| <p>When using a multi-threaded MPM under unix, the module |
| <module>mod_cgid</module> should be used in place of |
| this module. At the user level, the two modules are essentially |
| identical.</p> |
| </summary> |
| |
| <seealso><directive module="core">Options</directive></seealso> |
| <seealso><directive module="mod_alias">ScriptAlias</directive></seealso> |
| <seealso><directive module="mod_mime">AddHandler</directive></seealso> |
| |
| <section><title>CGI Environment variables</title> |
| <p>The server will set the CGI environment variables as described |
| in the <a href="http://hoohoo.ncsa.uiuc.edu/cgi/">CGI |
| specification</a>, with the following provisions:</p> |
| |
| <dl> |
| <dt>PATH_INFO</dt> |
| |
| <dd>This will not be available if the <directive module="core" |
| >AcceptPathInfo</directive> directive is explicitly set to |
| <code>off</code>. The default behavior, if AcceptPathInfo is |
| not given, is that mod_cgi will accept path info (trailing |
| /more/path/info following the script filename in the URI), while |
| the core server will return a 404 NOT FOUND error for requests |
| with additional path info. Omitting the AcceptPathInfo |
| directive has the same effect as setting it <code>on</code> for |
| mod_cgi requests.</dd> |
| |
| <dt>REMOTE_HOST</dt> |
| |
| <dd>This will only be set if <directive module="core" |
| >HostnameLookups</directive> is set to <code>on</code> (it |
| is off by default), and if a reverse DNS lookup of the accessing |
| host's address indeed finds a host name.</dd> |
| |
| <dt>REMOTE_IDENT</dt> |
| |
| <dd>This will only be set if <directive module="core" |
| >IdentityCheck</directive> is set to |
| <code>on</code> and the accessing host supports the ident |
| protocol. Note that the contents of this variable cannot be |
| relied upon because it can easily be faked, and if there is a |
| proxy between the client and the server, it is usually |
| totally useless.</dd> |
| |
| <dt>REMOTE_USER</dt> |
| |
| <dd>This will only be set if the CGI script is subject to |
| authentication.</dd> |
| </dl> |
| </section> |
| |
| <section id="cgi_debug"><title>CGI Debugging</title> |
| <p>Debugging CGI scripts has traditionally been difficult, mainly |
| because it has not been possible to study the output (standard |
| output and error) for scripts which are failing to run |
| properly. These directives, included in Apache 1.2 and later, |
| provide more detailed logging of errors when they occur. </p> |
| |
| <section><title>CGI Logfile Format</title> |
| <p>When configured, the CGI error log logs any CGI which does not |
| execute properly. Each CGI script which fails to operate causes |
| several lines of information to be logged. The first two lines |
| are always of the format:</p> |
| <example> |
| %% [<em>time</em>] <em>request-line</em><br /> |
| %% <em>HTTP-status</em> <em>CGI-script-filename</em> |
| </example> |
| <p>If the error is that CGI script cannot be run, the log file |
| will contain an extra two lines:</p> |
| <example> |
| %%error<br /> |
| <em>error-message</em> |
| </example> |
| <p>Alternatively, if the error is the result of the script |
| returning incorrect header information (often due to a bug in |
| the script), the following information is logged: </p> |
| <example> |
| %request<br /> |
| <em>All HTTP request headers received</em><br /> |
| <em>POST or PUT entity (if any)</em><br /> |
| %response<br /> |
| <em>All headers output by the CGI script</em><br /> |
| %stdout<br /> |
| <em>CGI standard output</em><br /> |
| %stderr<br /> |
| <em>CGI standard error</em><br /> |
| </example> |
| <p>(The %stdout and %stderr parts may be missing if the script did |
| not output anything on standard output or standard error). </p> |
| </section> |
| </section> |
| |
| <directivesynopsis> |
| <name>ScriptLog</name> |
| <description>Location of the CGI script error logfile</description> |
| <syntax>ScriptLog <em>file-path</em></syntax> |
| <contextlist><context>server config</context></contextlist> |
| <modulelist><module>mod_cgi</module><module>mod_cgid</module> |
| </modulelist> |
| |
| <usage> |
| <p>The <directive>ScriptLog</directive> directive sets the CGI |
| script error logfile. If no ScriptLog is given, no error log is |
| created. If given, any CGI errors are logged into the filename |
| given as argument. If this is a relative file or path it is taken |
| relative to the server root.</p> |
| |
| <p>This log will be opened as the user the child processes run |
| as, ie. the user specified in the main <directive module="mpm_common" |
| >User</directive> directive. This means that |
| either the directory the script log is in needs to be writable |
| by that user or the file needs to be manually created and set |
| to be writable by that user. If you place the script log in |
| your main logs directory, do <strong>NOT</strong> change the |
| directory permissions to make it writable by the user the child |
| processes run as.</p> |
| |
| <p>Note that script logging is meant to be a debugging feature |
| when writing CGI scripts, and is not meant to be activated |
| continuously on running servers. It is not optimized for speed |
| or efficiency, and may have security problems if used in a |
| manner other than that for which it was designed.</p> |
| </usage> |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| <name>ScriptLogLength</name> |
| <description>Size limit of the CGI script logfile</description> |
| <syntax>ScriptLogLength <em>bytes</em></syntax> |
| <default>ScriptLogLength 10385760</default> |
| <contextlist><context>server config</context></contextlist> |
| <modulelist><module>mod_cgi</module><module>mod_cgid</module> |
| </modulelist> |
| |
| <usage> |
| <p><directive>ScriptLogLength</directive> can be used to limit the |
| size of the CGI script logfile. Since the logfile logs a lot of |
| information per CGI error (all request headers, all script output) |
| it can grow to be a big file. To prevent problems due to unbounded |
| growth, this directive can be used to set an maximum file-size for |
| the CGI logfile. If the file exceeds this size, no more |
| information will be written to it.</p> |
| </usage> |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| <name>ScriptLogBuffer</name> |
| <description>Maximum amount of PUT or POST requests that will be recorded |
| in the scriptlog</description> |
| <syntax>ScriptLogBuffer <em>bytes</em></syntax> |
| <default>ScriptLogBuffer 1024</default> |
| <contextlist><context>server config</context></contextlist> |
| <modulelist><module>mod_cgi</module><module>mod_cgid</module> |
| </modulelist> |
| |
| <usage> |
| <p>The size of any PUT or POST entity body that is logged to |
| the file is limited, to prevent the log file growing too big |
| too quickly if large bodies are being received. By default, up |
| to 1024 bytes are logged, but this can be changed with this |
| directive.</p> |
| </usage> |
| </directivesynopsis> |
| |
| </modulesynopsis> |