tags:

views:

320

answers:

2
Q: 

Apache CGI redirect to absolute URI doesn't work

I have Apache 2.2.13 running in console mode on Windows. I have made an executable that handles requests. In a certain case, when it detects a URL pointing to a directory but has not trailing slash, it tries to redirect to the same URL with the missing slash appended. The exit-code is set to 301. Strangely enough, having this in the response header doesn't work:

Location: /cgi-bin/mycgi.exe/something/

but this does:

Location: something/

Am I doing something wrong? Or did I discover a bug in Apache? (If so, where and how should I post it best?)

A: 

1) Just to be clear, the redirection functionality (e.g. "what to do when seeing "Location: http response) is in your browser, not in Apache. I assume you know that but wanted to make sure it's clear. The reason it's relevant here is because as per the RFC, the address in 301 response needs to be "a single absolute URI". So your URI example is missing your domain name, e.g. needs to be http://your.web.server/cgi-bin/mycgi.exe/something/

While some web clients accept 301 with relative redirect, others do not.

2) Can you please specify exactly what you mean by "does not work" including client's error and any errors in Apache's log? Thanks

Also, please specify which of the following URLs work from the client and which do not:

Thanks

DVK  2009-09-07 18:54:18
When debugging, I noticed mycgi.exe was being called repeatedly, with a full copy of all of the environment variables prefixed with "REDIRECT_", but without the updated "REQUEST_URI", so this would loop, and the duplication of env-vars ("REDIRECT_REDIRECT_REDIRECT_...") would break this cycle and cause Apache to show a server error notice page.
Stijn Sanders  2009-09-08 07:38:03
A: 

Usually, 'Location' contains a full URL, including http: and the hostname. This is the case outlined by DVK.

Location: /cgi-bin/mycgi.exe/something/

This is actually something else: an internal redirect. It is defined by the CGI specification and works in some other server environments derived from CGI, such as PHP. When Location contains a 'virtual path', Apache serves up the page/script in that path straight away, without the browser knowing there was any kind of redirect.

Obviously that's not what you want as it makes no sense to do a 301 internal redirect when the browser will never see that it's a 301.

Location: something/

This, on the other hand, is nothing. It's not a full URL and it's not a virtual path as it doesn't begin with '/'. Apache doesn't know what to do with it, so it just guesses that it isn't a virtual path so spits it back to the browser with no further comment.

It's invalid to send this in a 'Location' header to a browser, but many of them will allow it anyway, which is why it appears to work. Really you should be passing the full URL:

Location: http://www.example.com/cgi-bin/mycgi.exe/something/
bobince  2009-09-07 19:52:30
Thanks. I'll modify the 'redirect prefix' to include "http://" and the "HTTP_HOST" env value
Stijn Sanders  2009-09-08 07:34:22

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP