Ember Normand
Mon, 06 Nov 2000 14:18:39 -0800
by Thomas_M >Aug. 14, 2000 8:41 am >Yup. Instead of: > http://www.somedomain.com/Dan.cgi?whatever >you can use: > http://www.somedomain.com/Dan.cgi/whatever > >and then the 'whatever' will be in $ENV{'PATH_INFO'} instead of >$ENV{'QUERY_STRING'}. > We were trying to do this and kept getting not found errors. We just got some info on this from microsoft and it's very hidden, so I thought I would share it so others don't have to go through all the trouble. In order to get the information in the PATH_INFO instead of the QUERY_STRING on IIS, you need to mess with the metabase. One way you can edit your metabase is with "c:\inetpub\adminsamples\asdutil.vbs". This is where it always is, regardless of where your websites actually run from. --So, to gain the ability to path the info in the path, instead of just through queries, do this: adsutil.vbs SET W3SVC/AllowPathInfoForScriptMappings 1 --In order to check your value, do this: adsutil.vbs GET W3SVC/AllowPathInfoForScriptMappings --If you have more than one web site and you only want to provide access to a specific web site, figure out the instance of the site (x) (for the default site, x = 1), and do this: adsutil.vbs SET W3SVC/x/AllowPathInfoForScriptMappings 1 Do NOT type x, figure out what the site instance is for the site you want to change. If you leave out the /x/ then it will apply to all site instances. Microsoft says this may be a security issue, so beware. I hope this helps somebody else out there. --Ember Here is some info Microsoft sent: IIS does script mapping based on the first match it finds in a URL. If there is path information in the URL after the script-mapped name, then this information is passed to the script-mapped ISAPI DLL as the HTTP PATH_INFO variable. ISAPI DLLs use PATH_INFO to determine what file they are supposed to operate on. An example URL is http://server/x.stm/file.asp, the inclusion of X.stm in the URL causes IIS to invoke Ssinc.dll, the ISAPI DLL that processes server-side includes (SSI). PATH_INFO is set to File.asp, and Ssinc.dll parses this file, looking for SSI constructs but ignoring the script code in the ASP file because Ssinc.dll does not know how to process ASP script code. The product was modified so that script map pages could not gain access to additional path information provided on the URL after the pathname and before the query string. This modification only applies to pages accessed as scripts, and can be disabled by setting either of the following metabase keys to "1" (or by making the same modification to the registry for IIS 3.0): W3SVC/AllowPathInfoForScriptMappings W3SVC/x/AllowPathInfoForScriptMappings (where x is a site instance) Setting w3svc/AllowPathInfoForScriptMappings or w3svc/x/AllowPathInfoForScriptMappings to 1 will cause IIS to revert to the CGI/1.1-defined behavior (thus reopening the security hole). _______________________________________________ Perl-Win32-Web mailing list [EMAIL PROTECTED] http://listserv.ActiveState.com/mailman/listinfo/perl-win32-web