Re: secure cgi script environment variable problem

Mon, 09 Jul 2001 12:55:18 -0700 


I should add that the problem occurs only in Netscape.  With IE the script
gets the expected CONTENT_TYPE and CONTENT_LENGTH environment variables in
secure mode.   Is the problem I am seeing really 'my' problem to solve or
some fluke in the difference of how Netscape and IE handle secure forms?  I
still don't understand why on my reference system (Linux) both browsers
behave correctly.


Regards,
Evan Jennings
TPF Development, IBM Corp.
Poughkeepsie NY



                                                                                       
                   
                    Evan                                                               
                   
                    Jennings/Poughkeepsie       To:     [EMAIL PROTECTED]        
                   
                    /IBM@IBMUS                  cc:                                    
                   
                    Sent by:                    Subject:     secure cgi script 
environment variable       
                    owner-modssl-users@mo        problem                               
                   
                    dssl.org                                                           
                   
                                                                                       
                   
                                                                                       
                   
                    07/06/2001 12:02 PM                                                
                   
                    Please respond to                                                  
                   
                    modssl-users                                                       
                   
                                                                                       
                   
                                                                                       
                   



I am installing Apache 1.3.20 with mod_ssl on TPF (a specialized operating
system on IBM z-Series processors).  I've got Apache installed to the point
is serves up secure pages, but I am not getting the expected results when I
submit a form that runs a cgi script.  (The script does work as expected on
Linux.)

The problem is that not all the environment variables the script expects
are passed to it when the script is spawned.  The environment variables
that are missing are CONTENT_TYPE and CONTENT_LENGTH, but there are 52
other environment variables passed, such as SSL_CIPHER and SSL_PROTOCOL.
If the same script is run from a non-secure page, the variables
CONTENT_TYPE and CONTENT_LENGTH are present (and of course the SSL_*
variables are absent).  I see the function cgi_handler that takes an
argument of a request_rec structure containing keywords that are translated
into environment variables.  At this point in secure mode, the structure
does not contain the key "Content-type" that gets turned into CONTENT_TYPE,
whereas it does non-secure.  I have looked in the code to see where the
request_rec structure is created, and it isn't apparent to me how this
works.

Can anyone offer suggestions where I can look to get to the root of this
problem?


Regards,
Evan Jennings
TPF Development, IBM Corp.
Poughkeepsie NY


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]




______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to