Boa Web Server?????漰??????????
???????????? ???????[ 2015/1/16 13:52:20 ] ?????????????????? ??????
????????
????Boa ?????????????? WEB ??????????????????豸???
?????? Boa ???????????? CGI ?????????????Щ????
?????????????? Boa ?? CGI ?? Status/Location ????????????????????.
?????汾: ???а汾 (0.94.13)
???????: BOA ???? CGI ????????????????? Status ?? Location
???????????:
????CGI/1.1 ????漲?? CGI ?????????? Status ???? HTTP ?????(?磬 Status: 500 Internal Error) ??
????Location ???е??????? (?磬 Location: www.xxx.com)?? ?????????????????е?λ??.
????Boa ??? Stauts ?? Location ?????????? ??????????????????? Stauts ?? Location ????????е?
????CGI ???. ???? CGI ????????????????? ??????? Boa ???Web Server ?????????.
?????????:
????ASP/PHP/JSP/Perl/... ??? header?? redirect?? ... ????????? Stauts/Location ???????????????
????????????. Boa ?????????? CGI ???????????????.
????????????(??Status/Location????????):
????Apache 1.3.x/2.x IIS 4.x/5.x/6.X Boa 0.9x thttpd mini-httpd
?????????? ?????? * ??????? ?????? ??????
??????????
??????????
????CGI ??ó???????????? ???? HTTP ?????????????. ?磬???????????????????????? C ?????
????HTTP/1.0: printf("Pragma: no-cache
"); ??
????HTTP/1.1: printf("Cache-Control: no-cache; no-store
");
????????? ???????????????????????? Cookie ??????????(200 OK) ?????????
?????????????????? http ???????? CGI ???????????? "Status: " ?? "Loction: "??
??????Э??漲?? Web ??????????????????? "Status: " ?????????????? ??? "Location: " ???е???????
???????????????? "HTTP/1.0 302 Moved Temporarily
" ?? "HTTP/1.1 302 Found
".
???????????????? CGI ????????λ??.
???????? Boa Source Code:
????cgi_header.c Line 82-136 ???????? Boa ????? CGI ???????У? ???? "Status: "?? "Location: "?? ???????
23
24 int process_cgi_header(request * req)
25 {
26 char *buf;
27 char *c;
28
29 if (req->cgi_status != CGI_DONE)
30 req->cgi_status = CGI_BUFFER;
31
32 buf = req->header_line;
33
34 c = strstr(buf?? "
");
35 if (c == NULL) {
36 c = strstr(buf?? "
");
37 if (c == NULL) {
38 log_error_time();
39 fputs("cgi_header: unable to find LFLF
"?? stderr);
40 #ifdef FASCIST_LOGGING
41 log_error_time();
42 fprintf(stderr?? ""%s"
"?? buf);
43 #endif
44 send_r_bad_gateway(req);
45 return 0;
46 }
47 }
48 if (req->simple) {
49 if (*(c + 1) == '
')
50 req->header_line = c + 2;
51 else
52 req->header_line = c + 1;
53 return 1;
54 }
55 if (!strncasecmp(buf?? "Status: "?? 8)) {
56 req->header_line--;
57 memcpy(req->header_line?? "HTTP/1.0 "?? 9);
58 } else if (!strncasecmp(buf?? "Location: "?? 10)) { /* got a location header */
59 #ifdef FASCIST_LOGGING
60
61 log_error_time();
62 fprintf(stderr?? "%s:%d - found Location header "%s"
"??
63 __FILE__?? __LINE__?? buf + 10);
64 #endif
65
66
67 if (buf[10] == '/') { /* virtual path */
68 log_error_time();
69 fprintf(stderr??
70 "server does not support internal redirection: "
71 ""%s"
"?? buf + 10);
72 send_r_bad_request(req);
73
74 /*
75 * We (I?? Jon) have declined to support absolute-path parsing
76 * because I see it as a major security hole.
77 * Location: /etc/passwd or Location: /etc/shadow is not funny.
78 *
79 * Also?? the below code is borked.
80 * request_uri could contain /cgi-bin/bob/extra_path
81 */
82
83 /*
84 strcpy(req->request_uri?? buf + 10);
85 return internal_redirect(req);
86 */
87 } else { /* URL */
88 char *c2;
89 c2 = strchr(buf + 10?? '
');
90 /* c2 cannot ever equal NULL here because we already have found one */
91
92 --c2;
93 while (*c2 == '
')
94 --c2;
95 ++c2;
96 /* c2 now points to a '
' or the '
' */
97 *c2++ = '