1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>mod_cgi - Apache HTTP Server Version 2.4</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
<script src="../style/scripts/prettify.min.js" type="text/javascript">
</script>
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.4</p>
<img alt="" src="../images/feather.png" /></div>
<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.4</a> > <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_cgi</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_cgi.html" title="English"> en </a> |
<a href="../fr/mod/mod_cgi.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
<a href="../ja/mod/mod_cgi.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/mod/mod_cgi.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Execution of CGI scripts</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>cgi_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_cgi.c</td></tr></table>
<h3>Summary</h3>
<p>Any file that has the handler
<code>cgi-script</code> will be treated
as a CGI script, and run by the server, with its output being
returned to the client. Files acquire this handler either by
having a name containing an extension defined by the
<code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> directive, or by being
in a <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
directory.</p>
<p>For an introduction to using CGI scripts with Apache, see
our tutorial on <a href="../howto/cgi.html">Dynamic Content
With CGI</a>.</p>
<p>When using a multi-threaded MPM under unix, the module
<code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code> should be used in place of
this module. At the user level, the two modules are essentially
identical.</p>
<p>For backward-compatibility, the cgi-script handler will also be activated
for any file with the mime-type <code>application/x-httpd-cgi</code>. The
use of the magic mime-type is deprecated.</p>
</div>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#env">CGI Environment variables</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#cgi-debug">CGI Debugging</a></li>
</ul><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#cgiscripttimeout">CGIScriptTimeout</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#scriptlog">ScriptLog</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#scriptlogbuffer">ScriptLogBuffer</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#scriptloglength">ScriptLogLength</a></li>
</ul>
<h3>Bugfix checklist</h3><ul class="seealso"><li><a href="https://www.apache.org/dist/httpd/CHANGES_2.4">httpd changelog</a></li><li><a href="https://bz.apache.org/bugzilla/buglist.cgi?bug_status=__open__&list_id=144532&product=Apache%20httpd-2&query_format=specific&order=changeddate%20DESC%2Cpriority%2Cbug_severity&component=mod_cgi">Known issues</a></li><li><a href="https://bz.apache.org/bugzilla/enter_bug.cgi?product=Apache%20httpd-2&component=mod_cgi">Report a bug</a></li></ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code></li>
<li><code class="directive"><a href="../mod/core.html#options">Options</a></code> ExecCGI</li>
<li><code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code></li>
<li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li>
<li><a href="../suexec.html">Running CGI programs under different
user IDs</a></li>
<li><a href="http://www.ietf.org/rfc/rfc3875">CGI Specification</a></li>
<li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="env" id="env">CGI Environment variables</a></h2>
<p>The server will set the CGI environment variables as described
in the <a href="http://www.ietf.org/rfc/rfc3875">CGI specification</a>,
with the following provisions:</p>
<dl>
<dt>PATH_INFO</dt>
<dd>This will not be available if the <code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code> directive is explicitly set to
<code>off</code>. The default behavior, if <code class="directive">AcceptPathInfo</code> is not given, is that <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code> will accept path info (trailing <code>
/more/path/info</code> following the script filename in the URI),
while the core server will return a 404 NOT FOUND error for requests
with additional path info. Omitting the <code class="directive">AcceptPathInfo</code> directive has the same effect as setting
it <code>On</code> for <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code> requests.</dd>
<dt>REMOTE_HOST</dt>
<dd>This will only be set if <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> is set to <code>on</code> (it
is off by default), and if a reverse DNS lookup of the accessing
host's address indeed finds a host name.</dd>
<dt>REMOTE_IDENT</dt>
<dd>This will only be set if <code class="directive"><a href="../mod/mod_ident.html#identitycheck">IdentityCheck</a></code> is set to
<code>on</code> and the accessing host supports the ident
protocol. Note that the contents of this variable cannot be
relied upon because it can easily be faked, and if there is a
proxy between the client and the server, it is usually
totally useless.</dd>
<dt>REMOTE_USER</dt>
<dd>This will only be set if the CGI script is subject to
authentication.</dd>
</dl>
<p>This module also leverages the core functions
<a href="https://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__SCRIPT.html#ga0e81f9571a8a73f5da0e89e1f46d34b1">ap_add_common_vars</a> and
<a href="https://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__SCRIPT.html#ga6b975cd7ff27a338cb8752381a4cc14f">ap_add_cgi_vars</a>
to add environment variables like:</p>
<dl>
<dt>DOCUMENT_ROOT</dt>
<dd>Set with the content of the related <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directive.</dd>
<dt>SERVER_NAME</dt>
<dd>The fully qualified domain name related to the request.</dd>
<dt>SERVER_ADDR</dt>
<dd>The IP address of the Virtual Host serving the request.</dd>
<dt>SERVER_ADMIN</dt>
<dd>Set with the content of the related <code class="directive"><a href="../mod/core.html#serveradmin">ServerAdmin</a></code> directive.</dd>
</dl>
<p>For an exhaustive list it is suggested to write a basic CGI script
that dumps all the environment variables passed by Apache in a convenient format.
</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="cgi-debug" id="cgi-debug">CGI Debugging</a></h2>
<p>Debugging CGI scripts has traditionally been difficult, mainly
because it has not been possible to study the output (standard
output and error) for scripts which are failing to run
properly. These directives provide more detailed logging of errors
when they occur.</p>
<h3>CGI Logfile Format</h3>
<p>When configured, the CGI error log logs any CGI which does not
execute properly. Each CGI script which fails to operate causes
several lines of information to be logged. The first two lines
are always of the format:</p>
<div class="example"><p><code>
%% [<var>time</var>] <var>request-line</var><br />
%% <var>HTTP-status</var> <var>CGI-script-filename</var>
</code></p></div>
<p>If the error is that CGI script cannot be run, the log file
will contain an extra two lines:</p>
<div class="example"><p><code>
%%error<br />
<var>error-message</var>
</code></p></div>
<p>Alternatively, if the error is the result of the script
returning incorrect header information (often due to a bug in
the script), the following information is logged:</p>
<div class="example"><p><code>
%request<br />
<var>All HTTP request headers received</var><br />
<var>POST or PUT entity (if any)</var><br />
%response<br />
<var>All headers output by the CGI script</var><br />
%stdout<br />
<var>CGI standard output</var><br />
%stderr<br />
<var>CGI standard error</var><br />
</code></p></div>
<p>(The %stdout and %stderr parts may be missing if the script did
not output anything on standard output or standard error).</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="CGIScriptTimeout" id="CGIScriptTimeout">CGIScriptTimeout</a> <a name="cgiscripttimeout" id="cgiscripttimeout">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The length of time to wait for more output from the
CGI program</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CGIScriptTimeout <var>time</var>[s|ms]</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>value of <code class="directive"><a href="../mod/core.html#timeout">Timeout</a></code> directive when
unset</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cgi</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.4.59 and later.</td></tr>
</table>
<p>This directive limits the length of time to wait for more output from
the CGI program. If the time is exceeded, the request and CGI are
terminated.</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CGIScriptTimeout 20</pre>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="ScriptLog" id="ScriptLog">ScriptLog</a> <a name="scriptlog" id="scriptlog">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Location of the CGI script error logfile</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLog <var>file-path</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
</table>
<p>The <code class="directive">ScriptLog</code> directive sets the CGI
script error logfile. If no <code class="directive">ScriptLog</code> is given,
no error log is created. If given, any CGI errors are logged into the
filename given as argument. If this is a relative file or path it is
taken relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.
</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ScriptLog logs/cgi_log</pre>
</div>
<p>This log will be opened as the user the child processes run
as, <em>i.e.</em> the user specified in the main <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> directive. This means that
either the directory the script log is in needs to be writable
by that user or the file needs to be manually created and set
to be writable by that user. If you place the script log in
your main logs directory, do <strong>NOT</strong> change the
directory permissions to make it writable by the user the child
processes run as.</p>
<p>Note that script logging is meant to be a debugging feature
when writing CGI scripts, and is not meant to be activated
continuously on running servers. It is not optimized for speed
or efficiency, and may have security problems if used in a
manner other than that for which it was designed.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="ScriptLogBuffer" id="ScriptLogBuffer">ScriptLogBuffer</a> <a name="scriptlogbuffer" id="scriptlogbuffer">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogBuffer <var>bytes</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogBuffer 1024</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
</table>
<p>The size of any PUT or POST entity body that is logged to
the file is limited, to prevent the log file growing too big
too quickly if large bodies are being received. By default, up
to 1024 bytes are logged, but this can be changed with this
directive.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="ScriptLogLength" id="ScriptLogLength">ScriptLogLength</a> <a name="scriptloglength" id="scriptloglength">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size limit of the CGI script logfile</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogLength <var>bytes</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogLength 10385760</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
</table>
<p><code class="directive">ScriptLogLength</code> can be used to limit the
size of the CGI script logfile. Since the logfile logs a lot of
information per CGI error (all request headers, all script output)
it can grow to be a big file. To prevent problems due to unbounded
growth, this directive can be used to set an maximum file-size for
the CGI logfile. If the file exceeds this size, no more
information will be written to it.</p>
</div>
</div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/mod/mod_cgi.html" title="English"> en </a> |
<a href="../fr/mod/mod_cgi.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
<a href="../ja/mod/mod_cgi.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/mod/mod_cgi.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_cgi.html';
(function(w, d) {
if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
d.write('<div id="comments_thread"><\/div>');
var s = d.createElement('script');
s.type = 'text/javascript';
s.async = true;
s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
(d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
}
else {
d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
}
})(window, document);
//--><!]]></script></div><div id="footer">
<p class="apache">Copyright 2024 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
}
//--><!]]></script>
</body></html>
|