--qLni7iB6Dl8qUSwk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable
On Fri, Jun 13, 2003 at 12:57:32PM -0700, Richard Crawford wrote: > Turns out it was the stupid HTML files that were pointing at the perl > scripts that were at fault. >=20 > In other words, my cold fusion enabled url looks like this: >=20 > http://www.myplace.com/cfmx/home/ >=20 > but if you try calling http://www.myplace.com/cfmx/home/script.pl it won't > work. You have to leave out the cfmx. Richard, There is still a server misconfiguration. If someone can pull the raw perl source code of any cgi's that run on your server something=20 is seriously broken because if people can actually read the source to=20 your CGI's regardless of language you have got to be *MUCH* more=20 careful about security in them. You should get apache configured so that /cfmx/home/ requests for=20 *.pl are also considered CGIs and are run correctly. =20 Depending on the setup it might be as simple as adding ExecCGI to=20 the <Directory> directive... but there are a few ways to do this. --=20 GPG key: http://simons-clan.com/~msimons/gpg/msimons.asc Fingerprint: 524D A726 77CB 62C9 4D56 8109 E10C 249F B7FA ACBE --qLni7iB6Dl8qUSwk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+6kOl4Qwkn7f6rL4RApvBAJ4gqUT49FOo3Fx31rLVNU1ZAwZ2jgCfW0tX 1JgTyqxHyEOFvPYYoZyE9EI= =yTVv -----END PGP SIGNATURE----- --qLni7iB6Dl8qUSwk-- _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
