summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2017-01-06 18:03:02 -0500
committerGlenn Strauss <gstrauss@gluelogic.com>2017-01-09 22:27:53 -0500
commitf57d8c54b418c1b770c221896dcfb6051cb24c3d (patch)
tree549d2f9435cb46a88482cfba29c377c47fe5c167 /tests
parent656f9e454dc5a4ea8f6319dfbaa06d289e046641 (diff)
downloadlighttpd1.4-f57d8c54b418c1b770c221896dcfb6051cb24c3d.tar.gz
lighttpd1.4-f57d8c54b418c1b770c221896dcfb6051cb24c3d.zip
[mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
Loosen local redirect handling in mod_cgi to skip handling as local redirect if the Location matches con->uri.path, since if the request is intended to redirect back to the same CGI using the same request method, path info, and query string, the CGI would logically just return the final intended response. Loosening this handling avoids a problem with applications (potentially) accessible through multiple gateways, where the application is not aware of this specific handling of Location in the Common Gateway Interface (CGI/1.1), the application sends abs-path in the Location response header instead of absoluteURI, and the application expects the client to receive this Location response header instead of the server to process as a CGI local redirect. One example of such an application is LuCI, which sends Set-Cookie with Location: /abs-path https://github.com/openwrt/luci (Note that this loose check for matching con->uri.path is not perfect and might not match if the CGI returned a path with a different case and the server is on a case-insensitive filesystem, or if the path returned by the CGI is rewritten elsewhere to a different con->uri.path before getting to mod_cgi.) RFC3875 CGI 1.1 specification section 6.2.2 Local Redirect Response http://www.ietf.org/rfc/rfc3875 x-ref: "CGI local-redir handling conflicts with LuCI redirect w/ Set-Cookie" https://redmine.lighttpd.net/issues/2779 "CGI local redirect not implemented correctly" https://redmine.lighttpd.net/issues/2108
Diffstat (limited to 'tests')
-rwxr-xr-xtests/docroot/www/cgi.pl2
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/docroot/www/cgi.pl b/tests/docroot/www/cgi.pl
index 096d509e..f7296f8b 100755
--- a/tests/docroot/www/cgi.pl
+++ b/tests/docroot/www/cgi.pl
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
if ($ENV{"QUERY_STRING"} eq "internal-redir") {
- print "Location: /cgi.pl\r\n\r\n";
+ print "Location: /cgi-pathinfo.pl/foo\r\n\r\n";
exit 0;
}