Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

RE: Re: Execute perl script from HTML

by jjhorner (Hermit)
on Jun 22, 2000 at 22:16 UTC ( [id://19478]=note: print w/replies, xml ) Need Help??


in reply to Re: Execute perl script from HTML
in thread Execute perl script from HTML

Some SSI documentation from the Apaloosa book:

The exec command executes a given shell command or CGI script. OptionsIncludesNOEXEC disables this command completely.

usage: 

<!--#exec cgi="somescript.cgi"-->

[download]

The value to the cgi attribute specifies a %-encoded URL relative path to the CGI script. If the path does not begin with a slash, it is taken to be relative to the current document. The document referenced by this path is invoked as a CGI script, even if the server would not normally recognize it as such. However, the directory containing the script must be enabled for CGI scripts (with ScriptAlias or the ExecCGI option). The protective wrapper suExec will be applied if it is turned on. The CGI script is given the PATH_INFO and query string (QUERY_STRING) of the original request from the client; these cannot be specified in the URL path. The include variables will be available to the script in addition to the standeard CGI environment. If the script returns a Location header instead of output this is translated into an HTML anchor. If Options IncludesNOEXEC is set in the Config file, this command is turned off. The include virtual element should be used in preference to exec cgi.

Now on to the exec cgi element:

include

Includes other Config files immediately at that point in parsing - right there and then, not later on. Any included file is subject to the usual access control. If the directory containing the parsed file has Options IncludesNOEXEC set and including the document causes a program to be executed, it isn't included: this prevents execution of CGI scripts. Otherwise, CGI scripts are invoked as normal using the complete URL given in the command, including any query string.

An attribute defines the location of the document; the inclusion is done for each attribute given to the include command. The valid attributes are as follows:

file

The value is a path relative to the directory containing the current document being parsed. It can't contain ../, nor can it be an absolute path. The virtual attribute should always be used in preference to this one.

virtual

The value is a %-encoded URL relative to the current document being parsed. The URL cannot contain a scheme or hostname, only a path and an optional query string. If it does not being with a slash, then it is taken to be relative to the current document. A URL is contructed from the attributes value, and the server returns the same output it would have if the client had requested that URL. Thus, included files can be nested. A CGI script can still be run by this method if Options IncludesNOEXEC is set in the Config file. The reasoning is that clients can run CGI anyway by using its URL as a hot link or simply by typing it into their browser, so no harm is done by using this method (unlike cmd or exec).


I hope this clears it up. Special thanks to Ben Laurie & Peter Laurie, the authors of the book. 

J. J. Horner
Linux, Perl, Apache, Stronghold, Unix
jhorner@knoxlug.org http://www.knoxlug.org/

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://19478]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others admiring the Monastery: (4)
As of 2024-04-25 06:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found