[mod_cgi] status 200 OK if no hdrs (deprecated) (#2786)

set status 200 OK if CGI does not return CGI headers Note: This mode in lighttpd is deprecated and may be removed in the next major release of lighttpd. CGI scripts should return a proper CGI header in the response, even if that header is empty and followed by a blank line, before return response body. Without a proper CGI response header, the first line(s) of the response might be incorrectly construed as being CGI response headers, especially if they contain ':', and response may be corrupted. That is why this mode is deprecated (and not supported in numerous other web servers). The minimal valid CGI response header is "\n", which lighttpd will treat as equivalent to "Status: 200\n\n" x-ref: "error 500 (mod_cgi.c.601) cgi died" https://redmine.lighttpd.net/issues/2786
2017-02-22 11:58:21 -05:00 · 2017-02-22 11:58:21 -05:00 · 51ff7ac504
parent 1dd5cce3bc
commit 51ff7ac504
1 changed files with 2 additions and 0 deletions
--- a/src/mod_cgi.c
+++ b/src/mod_cgi.c
@ -509,6 +509,7 @@ static int cgi_demux_response(server *srv, handler_ctx *hctx) {
 					if (0 != http_chunk_append_buffer(srv, con, hctx->response_header)) {
 						return FDEVENT_HANDLED_ERROR;
 					}
+					if (0 == con->http_status) con->http_status = 200; /* OK */
 				} else {
 					const char *bstart;
 					size_t blen;
@ -853,6 +854,7 @@ static handler_t cgi_handle_fdevent(server *srv, void *ctx, int revents) {
 				cgi_connection_close(srv, hctx);
 				return HANDLER_ERROR;
 			}
+			if (0 == con->http_status) con->http_status = 200; /* OK */
 		} else {
 # if 0
 			log_error_write(srv, __FILE__, __LINE__, "sddd", "got HUP from cgi", con->fd, hctx->fd, revents);