At 10:17 AM +0200 9/19/00, Richard van Drimmelen wrote:
>/dir/www-1/cgi-bin/htsearch -c /dir/www-1/htdig/conf/htdig.conf
>
>from the command line, everything works fine. I get various pages of
>html output (or a 'No match found').
>
>But when I run the same from my webbrowser (yes I have updated my
>search.html page and included the -c conf file option) this doesn't
>work. It gives me an error:
You should not use command-line flags from a CGI form--it can produce
security problems (since people could throw in command-line calls).
See <http://www.htdig.org/hts_form.html>
In particular, set the "config" field of the search form. This
defaults to the CONFIG_DIR directory or subdirectories inside to
minimize security risk. (The CGI is effectively chroot'ed.) If the
CONFIG_DIR was not set correctly when you compiled, you will want to
change it and recompile. Probably the easiest way to do this in 3.1.5
is to edit the CONFIG file in your source directory.
--
-Geoff Hutchison
Williams Students Online
http://wso.williams.edu/
------------------------------------
To unsubscribe from the htdig mailing list, send a message to
[EMAIL PROTECTED]
You will receive a message to confirm this.
List archives: <http://www.htdig.org/mail/menu.html>
FAQ: <http://www.htdig.org/FAQ.html>
