From: André Malo Date: Mon, 30 Jun 2003 01:16:33 +0000 (+0000) Subject: update transformation of recent changes X-Git-Tag: pre_ajp_proxy~1493 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=edc4a6f2c6dbd20ace4f4ae9ce4a3c3e395aecfe;p=apache update transformation of recent changes git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100409 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/bind.html.en b/docs/manual/bind.html.en index 9e49239f2c..6fa040244a 100644 --- a/docs/manual/bind.html.en +++ b/docs/manual/bind.html.en @@ -33,10 +33,10 @@

Overview

- +
Related ModulesRelated Directives
- - + +

When Apache starts, it binds to some port and address on the local machine and waits for incoming requests. By default, it listens to all addresses on the machine. However, it needs to diff --git a/docs/manual/cgi_path.html.en b/docs/manual/cgi_path.html.en index 2b65515f09..c5e3a83359 100644 --- a/docs/manual/cgi_path.html.en +++ b/docs/manual/cgi_path.html.en @@ -50,7 +50,7 @@

Alias /cgi-ralph /usr/local/httpd/cgi-bin/user.cgi/ralph

- +

In this case, user.cgi is the CGI script, the "/ralph" is information to be passed onto the CGI. If this configuration was in place, and a request came for diff --git a/docs/manual/custom-error.html.en b/docs/manual/custom-error.html.en index 059ba07e5b..ea201eac38 100644 --- a/docs/manual/custom-error.html.en +++ b/docs/manual/custom-error.html.en @@ -25,10 +25,10 @@

Additional functionality allows webmasters to configure the response of Apache to some error or problem.

- +

Customizable responses can be defined to be activated in the event of a server detected error or problem.

- +

If a script crashes and produces a "500 Server Error" response, then this response can be replaced with either some friendlier text or by a redirection to another URL (local or external).

@@ -41,36 +41,36 @@

Behavior

- +

Old Behavior

- +

NCSA httpd 1.3 would return some boring old error/problem message which would often be meaningless to the user, and would provide no means of logging the symptoms which caused it.

- +

New Behavior

- +

The server can be asked to:

- +
  1. Display some other text, instead of the NCSA hard coded messages, or
    2. - +
  2. redirect to a local URL, or
    3. - +
  3. redirect to an external URL.
- +

Redirecting to another URL can be useful, but only if some information can be passed which can then be used to explain and/or log the error/problem more clearly.

- +

To achieve this, Apache will define new CGI-like environment variables:

- +

REDIRECT_HTTP_ACCEPT=*/*, image/gif, image/x-xbitmap, image/jpeg
@@ -85,9 +85,9 @@ REDIRECT_SERVER_SOFTWARE=Apache/0.8.15
REDIRECT_URL=/cgi-bin/buggy.pl

- +

Note the REDIRECT_ prefix.

- +

At least REDIRECT_URL and REDIRECT_QUERY_STRING will be passed to the new URL (assuming it's a cgi-script or a cgi-include). The @@ -102,13 +102,13 @@

Configuration

- +

Use of ErrorDocument is enabled for .htaccess files when the AllowOverride is set accordingly.

- +

Here are some examples...

- +

ErrorDocument 500 /cgi-bin/crash-recover
ErrorDocument 500 "Sorry, our script crashed. Oh dear"
@@ -116,44 +116,44 @@ ErrorDocument 404 /Lame_excuses/not_found.html
ErrorDocument 401 /Subscription/how_to_subscribe.html

- +

The syntax is,

- +

ErrorDocument <3-digit-code> <action>

- +

where the action can be,

- +
  1. Text to be displayed. Prefix the text with a quote ("). Whatever follows the quote is displayed. Note: the (") prefix isn't displayed.
    2. - +
  2. An external URL to redirect to.
    3. - +
  3. A local URL to redirect to.
top

Custom Error Responses and Redirects

- +

Apache's behavior to redirected URLs has been modified so that additional environment variables are available to a script/server-include.

- +

Old behavior

- +

Standard CGI vars were made available to a script which has been redirected to. No indication of where the redirection came from was provided.

- +

New behavior

- +

A new batch of environment variables will be initialized for use by a script which has been redirected to. Each new variable will have the prefix REDIRECT_. @@ -166,21 +166,21 @@ and REDIRECT_STATUS to help the script trace its origin. Both the original URL and the URL being redirected to can be logged in the access log.

- +

If the ErrorDocument specifies a local redirect to a CGI script, the script should include a "Status:" header field in its output in order to ensure the propagation all the way back to the client of the error condition that caused it to be invoked. For instance, a Perl ErrorDocument script might include the following:

- +

...
print "Content-type: text/html\n";
printf "Status: %s Condition Intercepted\n", $ENV{"REDIRECT_STATUS"};
...

- +

If the script is dedicated to handling a particular error condition, such as 404 Not Found, it can use the specific code and error text instead.

diff --git a/docs/manual/developer/API.html.en b/docs/manual/developer/API.html.en index 3d1d2e2c5b..5165ce56a8 100644 --- a/docs/manual/developer/API.html.en +++ b/docs/manual/developer/API.html.en @@ -355,8 +355,9 @@ struct stat finfo; /* Set by server core; 

int header_only;     /* HEAD request, as opposed to GET */
 char *protocol;      /* Protocol, as given to us, or HTTP/0.9 */
 char *method;        /* GET, HEAD, POST, etc. */
-int method_number;   /* M_GET, M_POST, etc. */

-
+int method_number; /* M_GET, M_POST, etc. */ + +

/* Info for logging */

char *the_request;
diff --git a/docs/manual/env.html.en b/docs/manual/env.html.en index 553524e346..8891345ba9 100644 --- a/docs/manual/env.html.en +++ b/docs/manual/env.html.en @@ -30,7 +30,7 @@ also used as a mechanism to communicate with external programs such as CGI scripts. This document discusses different ways to manipulate and use these variables.

- +

Although these variables are referred to as environment variables, they are not the same as the environment variables controlled by the underlying operating system. @@ -53,19 +53,19 @@

Setting Environment Variables

Related ModulesRelated Directives
- +

Basic Environment Manipulation

- +

The most basic way to set an environment variable in Apache is using the unconditional SetEnv directive. Variables may also be passed from the environment of the shell which started the server using the PassEnv directive.

- +

Conditional Per-Request Settings

- +

For additional flexibility, the directives provided by mod_setenvif allow environment variables to be set on a per-request basis, conditional on characteristics of particular @@ -74,41 +74,41 @@ a specific Referer [sic] header is found. Even more flexibility is available through the mod_rewrite's RewriteRule which uses the [E=...] option to set environment variables.

- +

Unique Identifiers

- +

Finally, mod_unique_id sets the environment variable UNIQUE_ID for each request to a value which is guaranteed to be unique across "all" requests under very specific conditions.

- +

Standard CGI Variables

- +

In addition to all environment variables set within the Apache configuration and passed from the shell, CGI scripts and SSI pages are provided with a set of environment variables containing meta-information about the request as required by the CGI specification.

- +

Some Caveats

- +
  • It is not possible to override or change the standard CGI variables using the environment manipulation directives.
    • - +
  • When suexec is used to launch CGI scripts, the environment will be cleaned down to a set of safe variables before CGI scripts are launched. The list of safe variables is defined at compile-time in suexec.c.
    • - +
  • For portability reasons, the names of environment variables may contain only letters, numbers, and the underscore character. In addition, the first character may @@ -121,23 +121,23 @@

    Using Environment Variables

    - +
    Related ModulesRelated Directives

    CGI Scripts

    - +

    One of the primary uses of environment variables is to communicate information to CGI scripts. As discussed above, the environment passed to CGI scripts includes standard meta-information about the request in addition to any variables set within the Apache configuration. For more details, see the CGI tutorial.

    - +

    SSI Pages

    - +

    Server-parsed (SSI) documents processed by mod_include's INCLUDES filter can print environment variables using the echo element, and can use environment @@ -145,11 +145,11 @@ conditional on characteristics of a request. Apache also provides SSI pages with the standard CGI environment variables as discussed above. For more details, see the SSI tutorial.

    - +

    Access Control

    - +

    Access to the server can be controlled based on the value of environment variables using the allow from env= and deny from env= directives. In combination with @@ -158,11 +158,11 @@ characteristics of the client. For example, you can use these directives to deny access to a particular browser (User-Agent).

    - +

    Conditional Logging

    - +

    Environment variables can be logged in the access log using the LogFormat option %e. In addition, the decision on whether @@ -174,11 +174,11 @@ requests for filenames ending in gif, or you can choose to only log requests from clients which are outside your subnet.

    - +

    Conditional Response Headers

    - +

    The Header directive can use the presence or absence of an environment variable to determine whether or not @@ -186,7 +186,7 @@ client. This allows, for example, a certain response header to be sent only if a corresponding header is received in the request from the client.

    - +

    External Filter Activation

    @@ -200,7 +200,7 @@

    URL Rewriting

    - +

    The %{ENV:...} form of TestString in the RewriteCond allows mod_rewrite's rewrite @@ -214,23 +214,23 @@

    Special Purpose Environment Variables

    - +

    Interoperability problems have led to the introduction of mechanisms to modify the way Apache behaves when talking to particular clients. To make these mechanisms as flexible as possible, they are invoked by defining environment variables, typically with BrowserMatch, though SetEnv and PassEnv could also be used, for example.

    - +

    downgrade-1.0

    - +

    This forces the request to be treated as a HTTP/1.0 request even if it was in a later dialect.

    - +

    force-no-vary

    - +

    This causes any Vary fields to be removed from the response header before it is sent back to the client. Some clients don't interpret this field correctly; setting this @@ -240,7 +240,7 @@

    force-response-1.0

    - +

    This forces an HTTP/1.0 response to clients making an HTTP/1.0 request. It was originally implemented as a result of a problem with AOL's proxies. Some @@ -271,33 +271,33 @@

    nokeepalive

    - +

    This disables KeepAlive when set.

    - +

    prefer-language

    - +

    This influences mod_negotiation's behaviour. If it contains a language tag (such as en, ja or x-klingon), mod_negotiation tries to deliver a variant with that language. If there's no such variant, the normal negotiation process applies.

    - +

    redirect-carefully

    - +

    This forces the server to be more careful when sending a redirect to the client. This is typically used when a client has a known problem handling redirects. This was originally implemented as a result of a problem with Microsoft's WebFolders software which has a problem handling redirects on directory resources via DAV methods.

    - +

    suppress-error-charset

    @@ -324,10 +324,10 @@

    Examples

    - +

    Changing protocol behavior with misbehaving clients

    - +

    We recommend that the following lines be included in httpd.conf to deal with known client problems.

    @@ -354,7 +354,7 @@ BrowserMatch "JDK/1\.0" force-response-1.0

    Do not log requests for images in the access log

    - +

    This example keeps requests for images from appearing in the access log. It can be easily modified to prevent logging of particular directories, or to prevent logging of requests @@ -364,11 +364,11 @@ SetEnvIf Request_URI \.gif image-request SetEnvIf Request_URI \.jpg image-request SetEnvIf Request_URI \.png image-request CustomLog logs/access_log common env=!image-request

    - +

    Prevent "Image Theft"

    - +

    This example shows how to keep people not on your server from using images on your server as inline-images on their pages. This is not a recommended configuration, but it can work @@ -383,7 +383,7 @@ SetEnvIf Referer "^$" local_referal Deny from all Allow from env=local_referal </Directory>

    - +

    For more information about this technique, see the ApacheToday tutorial " Keeping Your Images from Adorning Other Sites".

    diff --git a/docs/manual/filter.html.en b/docs/manual/filter.html.en index 846042d953..57a0788d83 100644 --- a/docs/manual/filter.html.en +++ b/docs/manual/filter.html.en @@ -30,7 +30,7 @@

    Filters

    Related ModulesRelated Directives
    - +

    A filter is a process that is applied to data that is sent or received by the server. Data sent by clients to the server is processed by input filters while data sent diff --git a/docs/manual/handler.html.en b/docs/manual/handler.html.en index 962c76102d..a1eac4403e 100644 --- a/docs/manual/handler.html.en +++ b/docs/manual/handler.html.en @@ -34,7 +34,7 @@

    What is a Handler

    Related ModulesRelated Directives
    - +

    A "handler" is an internal Apache representation of the action to be performed when a file is called. Generally, files @@ -89,7 +89,7 @@

    The following directives will cause requests for files with the html extension to trigger the launch of the footer.pl CGI script.

    - +

    Action add-footer /cgi-bin/footer.pl
    AddHandler add-footer .html @@ -99,7 +99,7 @@ originally requested document (pointed to by the PATH_TRANSLATED environment variable) and making whatever modifications or additions are desired.

    - +

    Files with HTTP headers

    @@ -116,7 +116,7 @@ SetHandler send-as-is
    </Directory>

    - +
    top
    diff --git a/docs/manual/logs.html.en b/docs/manual/logs.html.en index 3697458c17..faca3f3c32 100644 --- a/docs/manual/logs.html.en +++ b/docs/manual/logs.html.en @@ -43,7 +43,7 @@

    Security Warning

    - +

    Anyone who can write to the directory where Apache is writing a log file can almost certainly gain access to the uid that the server is started as, which is normally root. Do @@ -61,9 +61,9 @@

    Error Log

    - +
    Related ModulesRelated Directives
    - +

    The server error log, whose name and location is set by the ErrorLog directive, is the most important log file. This is the place where Apache httpd @@ -79,18 +79,18 @@ is also possible to have the server send errors to syslog or pipe them to a program.

    - +

    The format of the error log is relatively free-form and descriptive. But there is certain information that is contained in most error log entries. For example, here is a typical message.

    - +

    [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test

    - +

    The first item in the log entry is the date and time of the message. The second entry lists the severity of the error being reported. The LogLevel @@ -115,11 +115,11 @@ Since it is possible to customize the access log, you can obtain more information about error conditions using that log file.

    - +

    During testing, it is often useful to continuously monitor the error log for any problems. On unix systems, you can accomplish this using:

    - +

    tail -f error_log

    @@ -127,9 +127,9 @@

    Access Log

    - +
    Related ModulesRelated Directives
    - +

    The server access log records all requests processed by the server. The location and content of the access log are controlled by the CustomLog @@ -147,7 +147,7 @@ analysis, check the Open Directory or Yahoo.

    - +

    Various versions of Apache httpd have used other modules and directives to control access logging, including mod_log_referer, mod_log_agent, and the @@ -159,10 +159,10 @@ printf(1) format string. Some examples are presented in the next sections. For a complete list of the possible contents of the format string, see the mod_log_config format strings.

    - +

    Common Log Format

    - +

    A typical configuration for the access log might look as follows.

    @@ -170,7 +170,7 @@ LogFormat "%h %l %u %t \"%r\" %>s %b" common
    CustomLog logs/access_log common

    - +

    This defines the nickname common and associates it with a particular log format string. The format string consists of percent directives, each of which tell the @@ -188,7 +188,7 @@ nickname. The filename for the access log is relative to the ServerRoot unless it begins with a slash.

    - +

    The above configuration will write log entries in a format known as the Common Log Format (CLF). This standard format can be produced by many different web servers and read by many log @@ -199,9 +199,9 @@ 127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326

    - +

    Each part of this log entry is described below.

    - +
    127.0.0.1 (%h)
    @@ -299,10 +299,10 @@ %B instead.
    - +

    Combined Log Format

    - +

    Another commonly used format string is called the Combined Log Format. It can be used as follows.

    @@ -318,7 +318,7 @@ %{header}i, where header can be any HTTP request header. The access log under this format will look like:

    - +

    127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326 @@ -327,7 +327,7 @@

    The additional fields are:

    - +
    "http://www.example.com/start.html" (\"%{Referer}i\")
    @@ -345,10 +345,10 @@ itself.
    - +

    Multiple Access Logs

    - +

    Multiple access logs can be created simply by specifying multiple CustomLog directives in the configuration @@ -369,10 +369,10 @@ nickname with the LogFormat directive. Instead, the log format can be specified directly in the CustomLog directive.

    - +

    Conditional Logs

    - +

    There are times when it is convenient to exclude certain entries from the access logs based on characteristics of the client request. This is easily accomplished with the help of environment variables. First, an @@ -413,7 +413,7 @@

    Log Rotation

    - +

    On even a moderately busy server, the quantity of information stored in the log files is very large. The access log file typically grows 1 MB or more per 10,000 requests. It @@ -448,7 +448,7 @@

    Piped Logs

    - +

    Apache httpd is capable of writing error and access log files through a pipe to another process, rather than directly to a file. This capability dramatically increases the @@ -476,7 +476,7 @@ CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common

    - +

    Notice that quotes are used to enclose the entire command that will be called for the pipe. Although these examples are for the access log, the same technique can be used for the @@ -493,7 +493,7 @@

    Virtual Hosts

    - +

    When running a server with many virtual hosts, there are several options for dealing with log files. First, it is possible to use logs exactly as in a @@ -537,12 +537,12 @@

    Other Log Files

    - +
    Related ModulesRelated Directives
    - +

    PID File

    - +

    On startup, Apache httpd saves the process id of the parent httpd process to the file logs/httpd.pid. This filename can be changed with the PidFile directive. The @@ -552,20 +552,20 @@ For more information see the Stopping and Restarting page.

    - +

    Script Log

    - +

    In order to aid in debugging, the ScriptLog directive allows you to record the input to and output from CGI scripts. This should only be used in testing - not for live servers. More information is available in the mod_cgi documentation.

    - +

    Rewrite Log

    - +

    When using the powerful and complex features of mod_rewrite, it is almost always necessary to use the RewriteLog to help in debugging. This log file produces a detailed analysis of how diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en index 3c1f118bfc..9b1921737c 100644 --- a/docs/manual/mod/core.html.en +++ b/docs/manual/mod/core.html.en @@ -2494,7 +2494,7 @@ later #!C:/Perl/bin/perl.exe

    -

    or, if perl is in PATH, simply:

    +

    or, if perl is in the PATH, simply:

    #!perl @@ -2504,29 +2504,31 @@ later cause the Windows Registry tree HKEY_CLASSES_ROOT to be searched using the script file extension (e.g., .pl) as a search key. The command defined by the registry subkey - Shell\ExecCGI\Command or if not exists by the subkey - Shell\Open\Command is used to open the script file. In absence - of the file extension key or both subkeys Apache uses the + Shell\ExecCGI\Command or, if it does not exist, by the subkey + Shell\Open\Command is used to open the script file. If the + registry keys cannot be found, Apache falls back to the behavior of the Script option.

    -

    Security

    -

    Be careful to use ScriptInterpreterSource Registry with - ScriptAlias'ed directories, - because Apache is trying to execute every file within - this directory. The Registry setting may cause undesired - program calls on files, which are usually not executed. For example, the - default open command on .htm files on most Windows systems is - executing the Microsoft Internet Explorer, so any HTTP request for an - .htm file existing within the script directory would start - the browser in background. This is an effective method to crash your - system within a minute or so.

    +

    Security

    +

    Be careful when using ScriptInterpreterSource + Registry with ScriptAlias'ed directories, because + Apache will try to execute every file within this + directory. The Registry setting may cause undesired + program calls on files which are typically not executed. For + example, the default open command on .htm files on + most Windows systems will execute Microsoft Internet Explorer, so + any HTTP request for an .htm file existing within the + script directory would start the browser in the background on the + server. This is a good way to crash your system within a minute or + so.

    -

    The option Registry-Strict which is new in Apache 2.0 - does the same as Registry but uses only the subkey - Shell\ExecCGI\Command. The ExecCGI key - is not a common one. It has to be configured manually and prevents your - system from accidental program calls.

    +

    The option Registry-Strict which is new in Apache + 2.0 does the same thing as Registry but uses only the + subkey Shell\ExecCGI\Command. The + ExecCGI key is not a common one. It must be + configured manually in the windows registry and hence prevents + accidental program calls on your system.

    top
    diff --git a/docs/manual/mod/mod_include.html.en b/docs/manual/mod/mod_include.html.en index 7fbc96ab20..cfa8e1c41b 100644 --- a/docs/manual/mod/mod_include.html.en +++ b/docs/manual/mod/mod_include.html.en @@ -636,7 +636,7 @@ directive]"     - + @@ -659,7 +659,7 @@ directive]" below:

    SSI directives with alternate start and end tags

    - <%#printenv %> + <%printenv %>

    See also

    diff --git a/docs/manual/mod/quickreference.html.de b/docs/manual/mod/quickreference.html.de index aaa35df607..eec7221e70 100644 --- a/docs/manual/mod/quickreference.html.de +++ b/docs/manual/mod/quickreference.html.de @@ -621,7 +621,7 @@ verarbeiten - + diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index add14efd16..c62a9a7fee 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -606,7 +606,7 @@ server - + diff --git a/docs/manual/suexec.html.en b/docs/manual/suexec.html.en index 939674a472..a32304a7ad 100644 --- a/docs/manual/suexec.html.en +++ b/docs/manual/suexec.html.en @@ -187,7 +187,7 @@
  • Is the target user NOT superuser? - +

    Presently, suEXEC does not allow 'root' to execute

    • Description:String that starts an include element
    Syntax:SSIStartTag tag
    Default:SSIStartTag "<!--"
    Default:SSIStartTag "<!--#"
    Context:server config, virtual host
    Status:Base
    Module:mod_include
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI error
    SSIStartTag tag "<!--" svB
    String that starts an include element
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" svB
    String displayed when an unset variable is echoed
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI error
    SSIStartTag tag "<!--" svB
    String that starts an include element
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" svB
    String displayed when an unset variable is echoed