The real problem here is that you even have password
embedded in your scripts to start with.
Not a good idea.
True.
On Friday 28 February 2003 17:21, Cory Rau wrote:I was messing around at home with a test web server (Windows 2000 Professional, Apache and ActivePerl (all the latest versions of each)) which resides in my office and I typed in the url of a perl script. I purposely mistyped the url with 'cgi-bin' rather than what it actually is, 'CGI-BIN' just to see what would happen. I ended up getting the entire *code* of the perl script in my web browser (latest version of Safari on Mac OS X 10.2.3)! This worries me because my code contains passwords to our database. Is it a well known problem to capitalize the CGI-BIN directory? Should I make it lower case and change my Apache config file as well as any paths to it in my perl scripts? Or is it just a permissions problem?
It sounds like an Apache problem (and is therefore mostly off-topic for dbi-users). I think that's the case because, as long as Safari is not modifying the URL text before sending it to the web server, what comes back in response to a query is entirely up to the web server, not the browser.
The MacOS X case-insensitive file system is good for headaches like that, and I'm sure that the Apache Foundation would want to hear about it. You should be able to reproduce the problem with any browser on the machine - I think...
...But wait; you said that it is a Windows machine that is doing the web serving. Well, that's a case-insensitive file system too, isn't it. OK, it isn't the MacOS X file system but the Win32 file system that is causing the grief. Could it also be that you've misconfigured cgi-bin (CGI-BIN) so it is under the document root?
...I'm not quite so sure about all this as I thought I was when I started typing...
If I re-type the url using upper case CGI-BIN, it works as expected.
I'm relatively new to Perl and Apache so forgive me if this is a well know faux pas. I was just wondering if others are aware of this issue.
Regards, Cory Rau
--
Jonathan Leffler ([EMAIL PROTECTED], [EMAIL PROTECTED]) #include <disclaimer.h>
Guardian of DBD::Informix v2003.04 -- http://dbi.perl.org/
