ID: 30849 Updated by: [EMAIL PROTECTED] Reported By: xuefer at 21cn dot com -Status: Open +Status: Feedback Bug Type: CGI related Operating System: win PHP Version: 4.3.9 New Comment:
So where's the bug? Any patches perhaps..? Previous Comments: ------------------------------------------------------------------------ [2004-11-20 14:22:23] xuefer at 21cn dot com Description: ------------ sapi/cgi/README.FastCGI (with apache mod_fastcgi) both ScriptAlias(dynserver) or Alias(static server) method issue a security problem. force_redirect is not done for fastcgi, only for cgi this have same problem as cgi with no force_redirect i guess redirect checking can be done after $_SERVER is ready, while cgi use getenv. separate php is not affected by this problem. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=30849&edit=1
