config/5256: Why do CGI executed ? if configuration is "Options IncludesNOEXEC ExecCGI" then I think CGI don't executed.

5 Nov 1999 04:00:06 -0000 

>Number:         5256
>Category:       config
>Synopsis:       Why do CGI executed ? if configuration is "Options 
>IncludesNOEXEC ExecCGI" then I think CGI don't executed.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Nov  4 20:00:02 PST 1999
>Last-Modified:
>Originator:     [EMAIL PROTECTED]
>Organization:
apache
>Release:        1.3.3
>Environment:
Linux kernel 2.0.36
>Description:
it is case by  "<!--#include file="???.cgi"-->".

exsample:
---[HTML source]---
 <html>
 <head>
 </head>
 <body>
 <!--#include file="test.cgi"-->
 </body>
 </html>

---[CGI script]---
#!/bin/sh
echo 'Content-type: text/plain'
echo
echo 'abc'

#end of script
---
it was printed as "abc".
but I did think it is printed as 
"echo 'Content-type: text/plain'
 echo
 echo 'abc'".

==================

See also:Module mod_include
---
Basic Elements
:
:
include 
     This command inserts the text of another document or file into the parsed 
file. Any included file is subject to the usual access
     control. If the directory containing the parsed file has the Option 
IncludesNOEXEC set, and the including the document would
     cause a program to be executed, then it will not be included; this 
prevents the execution of CGI scripts. Otherwise CGI scripts
     are invoked as normal using the complete URL given in the command, 
including any query string. 
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <[EMAIL PROTECTED]> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]

Reply via email to