Commit Graph

48 Commits (61785d868fb66046a00ed52b4cc928062a7ec741)

Author SHA1 Message Date
Glenn Strauss 07517ff30a [tests] some test config cleanup
including limiting use of php in tests to mod-fastcgi.t
5 years ago
Glenn Strauss 739ccb5de0 [tests] remove unused file depending on CGI.pm
lighttpd tests do not depend on CGI.pm.

remove *unused* file tests/docroot/www/404.fcgi
which used CGI::Fast, which depends on CGI.pm.
6 years ago
Glenn Strauss f57d8c54b4 [mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
Loosen local redirect handling in mod_cgi to skip handling as local
redirect if the Location matches con->uri.path, since if the request
is intended to redirect back to the same CGI using the same request
method, path info, and query string, the CGI would logically just
return the final intended response.  Loosening this handling avoids a
problem with applications (potentially) accessible through multiple
gateways, where the application is not aware of this specific handling
of Location in the Common Gateway Interface (CGI/1.1), the application
sends abs-path in the Location response header instead of absoluteURI,
and the application expects the client to receive this Location response
header instead of the server to process as a CGI local redirect.

One example of such an application is LuCI,
which sends Set-Cookie with Location: /abs-path
  https://github.com/openwrt/luci

(Note that this loose check for matching con->uri.path is not perfect
 and might not match if the CGI returned a path with a different case
 and the server is on a case-insensitive filesystem, or if the path
 returned by the CGI is rewritten elsewhere to a different con->uri.path
 before getting to mod_cgi.)

RFC3875 CGI 1.1 specification section 6.2.2 Local Redirect Response
http://www.ietf.org/rfc/rfc3875

x-ref:
  "CGI local-redir handling conflicts with LuCI redirect w/ Set-Cookie"
  https://redmine.lighttpd.net/issues/2779
  "CGI local redirect not implemented correctly"
  https://redmine.lighttpd.net/issues/2108
6 years ago
Glenn Strauss 15bc2313a4 [tests] mark tests/docroot/www/*.pl scripts a+x 7 years ago
Glenn Strauss 9af58a9716 revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)
reverts part of commit:dbdab5db which swapped REQUEST_URI, REDIRECT_URI

x-ref:
  "mediawiki redirect loop if REQUEST_URI not orig req in 1.4.40"
  https://redmine.lighttpd.net/issues/2738

Explanation:

REQUEST_URI and REDIRECT_URI are not part of CGI standard environment.
The reason for their existence is that PATH_INFO in CGI environment may
be different from the path in the current request.  The main reason for
this potential difference is that the URI path is normalized to a path
in the filesystem and tested against the filesystem to determine which
part is SCRIPT_NAME and which part is PATH_INFO.  In case-insensitive
filesystems, the URI might be lowercased before testing against the
filesystem, leading to loss of case-sensitive submission in any
resulting PATH_INFO.  Also, duplicated slashes "///" and directory
references "/." and "/.." are removed, including prior path component in
the case of "/..".  This might be undesirable when the information after
the SCRIPT_NAME is virtual information and there target script needs the
virtual path preserved as-is.  In that case, the target script can
re-parse REQUEST_URI (or REDIRECT_URI, as appropriate) to obtain the
unmodified information from the URI.

con->request.uri is equivalent to con->request.orig_uri unless the
request has been internally rewritten (e.g. by mod_rewrite, mod_magnet,
others), in which case con->request.orig_uri is the request made by the
client, and con->request.uri is the current URI being processed.

Historical REQUEST_URI (environment variable) lighttpd inconsistencies
- mod_cml     set REQUEST_URI to con->request.orig_uri
- mod_cgi     set REQUEST_URI to con->request.orig_uri
- mod_fastcgi set REQUEST_URI to con->request.orig_uri
- mod_scgi    set REQUEST_URI to con->request.orig_uri

- mod_ssi     set            REQUEST_URI to current con->request.uri
- mod_magnet  set MAGNET_ENV_REQUEST_URI to current con->request.uri
              and MAGNET_ENV_REQUEST_ORIG_URI to con->request.orig_uri

Historical REDIRECT_URI (environment variable) previously set only in
mod_fastcgi and mod_scgi, and set to con->request.uri

Since lighttpd 1.4.40 provides REDIRECT_URI with con->request.orig_uri,
changes were made to REQUEST_URI for consistency, with the hope that
there would be little impact to existing configurations since the
request uri and original request uri are the same unless there has been
an internal redirect.  It turns out that various PHP frameworks use
REQUEST_URI and require that it be the original URI requested by client.

Therefore, this change is being reverted, and lighttpd will set
REQUEST_URI to con->request.orig_uri in mod_cgi, mod_fastcgi, mod_scgi
as was done in lighttpd 1.4.39 and earlier.  Similarly, REDIRECT_URI
also has the prior behavior in mod_fastcgi and mod_scgi, and added to
mod_cgi.

A future release of lighttpd might change mod_ssi to be consistent with
the other modules in setting REQUEST_URI to con->request.orig_uri and to
add REDIRECT_URI, when an internal redirect has occurred.
7 years ago
Glenn Strauss 8861c2bb54 [mod_cgi] handle local redirect response (fixes #2108)
RFC3875 CGI 1.1 specification section 6.2.2 Local Redirect Response
http://www.ietf.org/rfc/rfc3875

x-ref:
  "CGI local redirect not implemented correctly"
  https://redmine.lighttpd.net/issues/2108
7 years ago
Glenn Strauss d147673d40 [tests] remove dependency on CGI.pm
CGI.pm is no longer shipped as part of Perl core distribution
(and is easily replaced)
7 years ago
Glenn Strauss 16a3f3b6fc [build] update Makefile.am EXTRA_DIST w/ new files 7 years ago
Glenn Strauss a5fcfee6fc [mod_ssi] more flexible quoting (fixes #1768)
allow double-quotes, single-quotes or no quote on SSI param values

remove use of PCRE from mod_ssi

fix misspelling of 'unknow' to be 'unknown'

x-ref:
  "mod_ssi doesn't accept single quotes"
  https://redmine.lighttpd.net/issues/1768
7 years ago
Glenn Strauss df146a7724 [mod_ssi] fix SSI statement parser
bug introduced in 8e3c6bf7 when statement parser was replaced
7 years ago
Glenn Strauss dbdab5dbc9 [core] server.error-handler new directive for error pages (fixes #2702)
server.error-handler preserves HTTP status error code when error page
is static, and allows dynamic handlers to change HTTP status code
when error page is provided by dynamic handler.  server.error-handler
intercepts all HTTP status codes >= 400 except when the content is
generated by a dynamic handler (cgi, ssi, fastcgi, scgi, proxy, lua).
The request method is unconditionally changed to GET for the request
to service the error handler, and the original request method is
later restored (for logging purposes).  request body from the
original request, if present, is discarded.

server.error-handler is somewhat similar to server.error-handler-404,
but server.error-handler-404 is now deprecated, intercepts only 404
and 403 HTTP status codes, and returns 200 OK for static error pages,
a source of confusion for some admins.  On the other hand, the new
server.error-handler, when set, will intercept all HTTP status error
codes >= 400.  server.error-handler takes precedence over
server.error-handler-404 when both are set.

NOTE: a major difference between server.error-handler and the
now-deprecated server.error-handler-404 is that the values of the
non-standard CGI environment variables REQUEST_URI and REDIRECT_URI
have been swapped.  Since REDIRECT_STATUS is the original HTTP
status code, REDIRECT_URI is now the original request, and REQUEST_URI
is the current request (e.g. the URI/URL to the error handler).
The prior behavior -- which reversed REQUEST_URI and REDIRECT_URI values
from those described above -- is preserved for server.error-handler-404.

Additionally, REDIRECT_STATUS is now available to mod_magnet, which
continues to have access to request.uri and request.orig_uri.

See further discussion at https://redmine.lighttpd.net/issues/2702
and https://redmine.lighttpd.net/issues/1828

github: closes #36
7 years ago
Stefan Bühler 87c5ec9651 [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3019 152afb58-edef-0310-8abb-c4023f1b3aa9
8 years ago
Stefan Bühler e6925949ab add some until now missing files to dist tarball
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2990 152afb58-edef-0310-8abb-c4023f1b3aa9
8 years ago
Stefan Bühler 673923daf8 [tests] fix undefined index warning in sendfile.php
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2985 152afb58-edef-0310-8abb-c4023f1b3aa9
8 years ago
Stefan Bühler 8c83976dbe mod_fastcgi: Add "X-Sendfile2" - supporting multiple ranged files (fixes #2008)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2651 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler 5865a2e3f2 Removed sendfile.php from dist
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2543 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler b2108c436c Remove X-Sendfile-Range feature; it will be replaced with something more powerful (#2005, #2008)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2542 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler 60e745695a Fix 100% cpu usage if time() < 0 (thx to gaspa and cate, fixes #1964)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2532 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler ad1e80e5af Add X-Sendfile-Range feature (fixes #2005)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2531 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler 59eaedf353 [tests] Remove index.html~ from repository, create it on the fly for tests
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2530 152afb58-edef-0310-8abb-c4023f1b3aa9
14 years ago
Stefan Bühler 124d8cd555 Fix make dist (remove dummydir)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2293 152afb58-edef-0310-8abb-c4023f1b3aa9
15 years ago
Xuefer 765d3cbe6a avoid undefined index triggered by user's php.ini
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2178 152afb58-edef-0310-8abb-c4023f1b3aa9
15 years ago
Elan Ruusamäe cde46f6a3d - support chained proxies in mod_extforward (#1528)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2061 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Elan Ruusamäe b6d6b82b70 - add test for extforward module
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2044 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 6719b15c7b - added missing Makefile.am entries
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1954 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Jan Kneschke 41e836b410 fixed extracting status code from NPH scripts (fixes #1125)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1948 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 2573648c4b - added testcase for #948
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1901 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 029d32039c - fixed 404 testsuite
- added optional fastcgi handler

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1898 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 984f5caf57 make the cgi executable
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1895 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 420abdb295 - added test cases for 404 handler
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1894 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 58ea3c14c5 - make the test more portable
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1892 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert 01fab66c18 - added test for the location crash
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1887 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Jan Kneschke 022760f07d check the URL twice, before and after path-info handling. (fixes #1230)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1871 152afb58-edef-0310-8abb-c4023f1b3aa9
16 years ago
Marcus Rückert b8df99f3db - a few more whitespace cleanups
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1374 152afb58-edef-0310-8abb-c4023f1b3aa9
17 years ago
Jan Kneschke 4fc810eb34 this should have been part of [752]
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@754 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke cebb64e47b added a ssi check for the endless loop we had
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@752 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 09f5416912 some files aren't shipped anymore
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@667 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 4fc9ee0f86 removed duplicate test-scripts, added a test for bin-copy-env and cleaned up configfiles
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@661 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 7988661090 added tests for keep-alive and setenv and passed a ARRAY ref instead of a HASH ref
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@654 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 3af5f02398 added a basic test for mod-ssi
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@612 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke b22c094836 added testcase for header before we-got-content bug
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@604 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 75c3a8393a added include_shell option to configfiles (merged the rest of the trunk changesets)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@530 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke cd4c324ff2 allow numbers in header-keys
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@523 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke 6e78c2c8df user defined variable, compute on parsing: string+string, int+int, array+array, var+=expression.
"include" sub configuration file. (merged ([308], [309], [306], [305])


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@520 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke eaa13584b5 added tests for /prefix + PATH_INFO on check-local = disable
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.3.x@479 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago
Jan Kneschke a9f7841379 2 rewrite tests
git-svn-id: svn://svn.lighttpd.net/lighttpd/trunk@92 152afb58-edef-0310-8abb-c4023f1b3aa9
19 years ago
Jan Kneschke 6bf51546c7 converted all tests to run-tests.pl
git-svn-id: svn://svn.lighttpd.net/lighttpd/trunk@56 152afb58-edef-0310-8abb-c4023f1b3aa9
19 years ago
Jan Kneschke bcdc6a3bbc moved everything below trunk/ and added branches/ and tags/
git-svn-id: svn://svn.lighttpd.net/lighttpd/trunk@30 152afb58-edef-0310-8abb-c4023f1b3aa9
19 years ago