From: William A. Rowe Jr <wrowe@apache.org>
Date: Sat, 6 Sep 2008 20:26:15 +0000 (+0000)
Subject: Ensure it's abundently clear that these scripts may be bad news
X-Git-Tag: 2.3.0~321
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d527d17cc5f147b1d553929f594911ece8e1d100;p=apache

Ensure it's abundently clear that these scripts may be bad news
with stupid-assed clients which contravine their prime directives,
such as content-type, or do not harm humans.

Flaws such as utf-7 decoding ensure that even txt->html transforms
are insufficient.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@692727 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/cgi-examples/printenv b/docs/cgi-examples/printenv
index e4c2140bcf..f815a7e501 100644
--- a/docs/cgi-examples/printenv
+++ b/docs/cgi-examples/printenv
@@ -1,4 +1,13 @@
-#!/usr/local/bin/perl
+#
+
+# To permit this cgi, replace # on the first line above with the
+# appropriate #!/path/to/perl shebang, and set this script executable
+# with chmod 755.
+#
+# Note that it is subject to cross site scripting attacks on MS IE
+# and any other browser which fails to honor RFC2616, so never use
+# it in a live server environment, it is provided only for testing.
+
 ##
 ##  printenv -- demo CGI program which just prints its environment
 ##
diff --git a/docs/cgi-examples/test-cgi b/docs/cgi-examples/test-cgi
index e27f857523..d92e0eccf8 100644
--- a/docs/cgi-examples/test-cgi
+++ b/docs/cgi-examples/test-cgi
@@ -1,4 +1,12 @@
-#!/bin/sh
+#
+
+# To permit this cgi, replace # on the first line above with the
+# appropriate #!/path/to/sh shebang, and set this script executable
+# with chmod 755.
+#
+# Note that it is subject to cross site scripting attacks on MS IE
+# and any other browser which fails to honor RFC2616, so never use
+# it in a live server environment, it is provided only for testing.
 
 # disable filename globbing
 set -f