|
Apache HTTP Server Version 1.3
Module mod_cgi
This module provides for execution of CGI scripts.
Status:
Base
Source
File: mod_cgi.c
Module
Identifier: cgi_module
Summary
Any file that has the mime type application/x-httpd-cgi or handler cgi-script
(Apache 1.1 or later) will be treated as a CGI script, and run by the server, with its output
being returned to the client. Files acquire this type either by having a name containing an
extension defined by the
AddType
directive, or by being in a
ScriptAlias directory.
Files that are not in a
ScriptAlias
directory, but which are of type application/x-httpd-cgi by virtue of an AddType
directive, will still not be executed by the server unless Options ExecCGI is
enabled. See the Options
directive for more details.
When the server invokes a CGI script, it will add a variable called DOCUMENT_ROOT
to the environment. This variable will contain the value of the
DocumentRoot configuration
variable.
For an introduction to using CGI scripts with Apache, see our tutorial on
Dynamic Content with CGI.
Directives
See also: Options,
ScriptAlias,
AddType and
AddHandler.
CGI Environment variables
The server will set the CGI environment variables as described in the
CGI specification, with the following provisions:
- REMOTE_HOST
- This will only be set if
HostnameLookups
is set to on (it is off by default), and if a reverse DNS lookup of the
accessing host's address indeed finds a host name.
- REMOTE_IDENT
- This will only be set if
IdentityCheck is set
to
on and the accessing host supports the ident protocol. Note that the
contents of this variable cannot be relied upon because it can easily be faked, and if
there is a proxy between the client and the server, it is usually totally useless.
- REMOTE_USER
- This will only be set if the CGI script is subject to authentication.
Debugging CGI scripts has traditionally been difficult, mainly because it has not been
possible to study the output (standard output and error) for scripts which are failing to run
properly. These directives, included in Apache 1.2 and later, provide more detailed logging of
errors when they occur.
CGI Logfile Format
When configured, the CGI error log logs any CGI which does not execute properly. Each CGI
script which fails to operate causes several lines of information to be logged. The first two
lines are always of the format:
%% [time] request-line
%% HTTP-status CGI-script-filename
If the error is that CGI script cannot be run, the log file will contain an extra two lines:
%%error
error-message
Alternatively, if the error is the result of the script returning incorrect header information
(often due to a bug in the script), the following information is logged:
%request
All HTTP request headers received
POST or PUT entity (if any)
%response
All headers output by the CGI script
%stdout
CGI standard output
%stderr
CGI standard error
(The %stdout and %stderr parts may be missing if the script did not output anything on
standard output or standard error).
Syntax:
ScriptLog filename
Default:
none
Context:
server config
Status:
mod_cgi
The ScriptLog directive sets the CGI script error logfile. If no ScriptLog is
given, no error log is created. If given, any CGI errors are logged into the filename given as
argument. If this is a relative file or path it is taken relative to the server root.
This log will be opened as the user the child processes run as, ie. the user specified in
the main User directive. This
means that either the directory the script log is in needs to be writable by that user or the
file needs to be manually created and set to be writable by that user. If you place the script
log in your main logs directory, do NOT change the directory permissions to
make it writable by the user the child processes run as.
Note that script logging is meant to be a debugging feature when writing CGI scripts, and
is not meant to be activated continuously on running servers. It is not optimized for speed or
efficiency, and may have security problems if used in a manner other than that for which it
was designed.
Syntax:
ScriptLogLength bytes
Default:
10385760
Context:
server config
Status:
mod_cgi
ScriptLogLength can be used to limit the size of the CGI script logfile. Since the
logfile logs a lot of information per CGI error (all request headers, all script output) it
can grow to be a big file. To prevent problems due to unbounded growth, this directive can be
used to set an maximum file-size for the CGI logfile. If the file exceeds this size, no more
information will be written to it.
Syntax:
ScriptLogBuffer bytes
Default:
1024
Context:
server config
Status:
mod_cgi
The size of any PUT or POST entity body that is logged to the file is limited, to prevent
the log file growing too big too quickly if large bodies are being received. By default, up to
1024 bytes are logged, but this can be changed with this directive.
|
