Skip to content

Commit a8e5e3f

Browse files
author
Derick Rethans
committed
- MFH for:
 This is much better. With FORCE_CGI_REDIRECT turned on by default for compilation, we can now define this in the ini file. So it can be turned on for apache, turned off for IIS which does not have a redirect issue. Alternately, a different 'REDIRECT_STATUS' environment var can be defined in case some web server out there needs it. new ini vars cgi.force_redirect 0|1 cgi.redirect_status_env ENV_VAR_NAME
1 parent c5f773b commit a8e5e3f

File tree

1 file changed

+15
-8
lines changed

1 file changed

+15
-8
lines changed

sapi/cgi/cgi_main.c

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -378,6 +378,8 @@ int main(int argc, char *argv[])
378378
char *script_file=NULL;
379379
zend_llist global_vars;
380380
int interactive=0;
381+
int force_redirect = 1;
382+
char *redirect_status_env = NULL;
381383
/* end of temporary locals */
382384
#ifdef ZTS
383385
zend_compiler_globals *compiler_globals;
@@ -459,20 +461,25 @@ int main(int argc, char *argv[])
459461

460462
#if FORCE_CGI_REDIRECT
461463
/* check force_cgi after startup, so we have proper output */
462-
if (cgi) {
464+
if (cfg_get_long("cgi.force_redirect", &force_redirect) == FAILURE) {
465+
force_redirect = 1;
466+
}
467+
if (cgi && force_redirect) {
468+
if (cfg_get_string("cgi.redirect_status_env", &redirect_status_env) == FAILURE) {
469+
redirect_status_env = NULL;
470+
}
463471
/* Apache will generate REDIRECT_STATUS,
464472
* Netscape and redirect.so will generate HTTP_REDIRECT_STATUS.
465473
* redirect.so and installation instructions available from
466474
* http://www.koehntopp.de/php.
467475
* -- kk@netuse.de
468476
*/
469-
if (!getenv("REDIRECT_STATUS") && !getenv ("HTTP_REDIRECT_STATUS")
470-
#ifdef PHP_WIN32
471-
/* IIS doesn't set anything, look to see if php.exe is in the script_name */
472-
&& (strstr(getenv("SERVER_SOFTWARE"),"Apache") ||
473-
strstr(getenv("SERVER_SOFTWARE"),"iPlanet"))
474-
#endif
475-
) {
477+
if (!getenv("REDIRECT_STATUS")
478+
&& !getenv ("HTTP_REDIRECT_STATUS")
479+
/* this is to allow a different env var to be configured
480+
in case some server does something different than above */
481+
&& (!redirect_status_env || !getenv(redirect_status_env))
482+
) {
476483
PUTS("<b>Security Alert!</b> PHP CGI cannot be accessed directly.\n\
477484
\n\
478485
<P>This PHP CGI binary was compiled with force-cgi-redirect enabled. This\n\

0 commit comments

Comments
 (0)