diff options
| author | Michael R Sweet <msweet@msweet.org> | 2021-09-09 11:09:12 -0400 |
|---|---|---|
| committer | Michael R Sweet <msweet@msweet.org> | 2021-09-09 11:09:12 -0400 |
| commit | d03753f33432c790d7ed6c2487080e09bf884254 (patch) | |
| tree | e0f962725e0d9ba3efb2d909820a93f9595f7c4a | |
| parent | 0bd1ce94ecba63b77f15f6bc154745bfd1faece5 (diff) | |
| download | cups-d03753f33432c790d7ed6c2487080e09bf884254.tar.gz | |
Update CGI documentation and add testable examples for CGI support (Issue #5940)
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | CHANGES.md | 2 | ||||
| -rw-r--r-- | conf/cgi.types | 1 | ||||
| -rw-r--r-- | doc/help/cgi.html | 97 | ||||
| -rwxr-xr-x | doc/test.cgi | 7 | ||||
| -rwxr-xr-x | doc/test.php | 20 | ||||
| -rw-r--r-- | scheduler/client.c | 5 | ||||
| -rwxr-xr-x | test/run-stp-tests.sh | 3 |
8 files changed, 63 insertions, 74 deletions
diff --git a/.gitignore b/.gitignore index a5e32e600..3bc3f2efc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ *.a *.bck -*.cgi +/cgi-bin/*.cgi *.o autom4te.cache config.h diff --git a/CHANGES.md b/CHANGES.md index 0ad355204..efc6f4fa4 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -83,6 +83,8 @@ Changes in CUPS v2.3.5 directive in `cupsd.conf` (Issue #5733) - Fixed `@IF(name)` handling in `cupsd.conf` (Issue #5918) - The scheduler now supports the "everywhere" model directly (Issue #5919) +- Fixed documentation and added examples for CUPS' limited CGI support + (Issue #5940) - Fixed the `lpc` command prompt (Issue #5946) - Fixed `job-pages-per-set` value for duplex print jobs. diff --git a/conf/cgi.types b/conf/cgi.types new file mode 100644 index 000000000..2c39b3f23 --- /dev/null +++ b/conf/cgi.types @@ -0,0 +1 @@ +application/x-httpd-cgi cgi php diff --git a/doc/help/cgi.html b/doc/help/cgi.html index 34c6debb3..150bacdbc 100644 --- a/doc/help/cgi.html +++ b/doc/help/cgi.html @@ -1,82 +1,41 @@ -<HTML> +<!DOCTYPE html> +<html> <!-- SECTION: Getting Started --> -<HEAD> - <TITLE>Using CGI Programs</TITLE> - <LINK REL="STYLESHEET" TYPE="text/css" HREF="../cups-printable.css"> -</HEAD> -<BODY> + <head> + <title>Using CGI Programs</title> + <link rel="stylesheet" type="text/css" href="../cups-printable.css"> + </head> + <body> + <h1 class="title">Using CGI Programs</h1> -<H1 CLASS="title">Using CGI Programs</H1> + <p>CUPS provides a dynamic web interface through dedicated CGI programs that are executed when users open special directories on the CUPS server. Each CGI performs administration, class, help, job, and printer functions as directed by the user, but the actual programs that are run and functions that are available are limited to those that were originally designed into the scheduler.</p> -<P>CUPS provides a dynamic web interface through dedicated CGI programs that -are executed when users open special directories on the CUPS server. Each CGI -performs administration, class, help, job, and printer functions as directed by -the user, but the actual programs that are run and functions that are available -are limited to those that were originally designed into the scheduler.</P> + <p>CUPS also supports CGI scripts/programs for pages you want to provide, although this functionality is disabled by default. The "application/x-httpd-cgi" MIME media type is used to identify CGI content and can be associated with any filename extension. The scheduler requires CGI content to have the execute bit set, not have world or group write permissions, and any CGI scripts need to include a <tt>#!</tt> line as the first line of a script to identify the script interpreter. For example, a PHP script would look like:</p> -<P>CUPS also supports CGI programs and specific scripting languages (Java, Perl, -PHP, and Python) for pages you want to provide. The interpreters for these -languages are currently configured at compile time and are associated with -MIME media types. <a href="#TABLE1">Table 1</a> shows the MIME media types that -are reserved for each type of page and are the same as those used by the Apache -web server.</P> + <pre class="example"> +#!/usr/bin/php -fn +<?php +... +?> +</pre> -<DIV CLASS="table"><TABLE SUMMARY="CGI MIME Media Types"> -<CAPTION><A NAME="TABLE1">Table 1</A>: CGI MIME Media Types</CAPTION> -<TR> - <TH>MIME Media Type</TH> - <TH>Description</TH> -</TR> -<TR> - <TD>application/x-httpd-cgi</TD> - <TD>CGI script/program</TD> -</TR> -<TR> - <TD>application/x-httpd-java</TD> - <TD>Java program</TD> -</TR> -<TR> - <TD>application/x-httpd-perl</TD> - <TD>Perl script</TD> -</TR> -<TR> - <TD>application/x-httpd-php</TD> - <TD>PHP script</TD> -</TR> -<TR> - <TD>application/x-httpd-python</TD> - <TD>Python script</TD> -</TR> -</TABLE></DIV> -<H2><A NAME="CONFIG">Configuring the Server</A></H2> + <h2><a name="CONFIG">Configuring the Server</a></h2> -<P>In order to enable the corresponding type, you must create a -new <VAR>/etc/cups/cgi.types</VAR> file which maps the filename -extensions to the appropriate MIME types, for example:</P> + <p>In order to enable the corresponding type, you must create a new <var>/etc/cups/cgi.types</var> file which maps the filename extensions you use to the appropriate MIME types. For example, the following will support CGI programs/scripts with the "cgi" extension:</p> -<PRE CLASS="command"> + <pre class="command"> application/x-httpd-cgi cgi -application/x-httpd-java class -application/x-httpd-perl pl -application/x-httpd-php php -application/x-httpd-python py -</PRE> +</pre> -<P>CGI scripts/programs (application/x-httpd-cgi) also must be owned by root, have execution permissions, and not have world or group write permissions to be treated as a CGI script or program.</P> -<H2><A NAME="LIMITS">Limitations</A></H2> + <h2><a name="LIMITS">Limitations</a></h2> -<P>CUPS implements most of the CGI/1.1 specification, with the -following exceptions:</P> + <p>CUPS implements most of the CGI/1.1 specification, with the following exceptions:</p> -<UL> - - <LI>No PATH_INFO or PATH_TRANSLATED support</LI> - - <LI>Limited HTTP field support; only the Content-Length (CONTENT_LENGTH), Content-Type (CONTENT_TYPE), Cookie (HTTP_COOKIE), Referrer (HTTP_REFERRER), and User-Agent (HTTP_USER_AGENT) fields are placed in environment variables at this time</LI> - -</UL> - -</BODY> -</HTML> + <ul> + <li>No PATH_INFO or PATH_TRANSLATED support</li> + <li>Limited HTTP field support; only the Content-Length (<tt>CONTENT_LENGTH</tt>), Content-Type (<tt>CONTENT_TYPE</tt>), Cookie (<tt>HTTP_COOKIE</tt>), Referrer (<tt>HTTP_REFERRER</tt>), and User-Agent (<tt>HTTP_USER_AGENT</tt>) fields are placed in environment variables at this time</li> + </ul> + </body> +</html> diff --git a/doc/test.cgi b/doc/test.cgi new file mode 100755 index 000000000..6d98759a3 --- /dev/null +++ b/doc/test.cgi @@ -0,0 +1,7 @@ +#!/bin/sh +echo "Content-Type: text/plain" +echo "" +echo "POSIX shell CGI test page." +echo "" +echo "ps ax" +ps ax diff --git a/doc/test.php b/doc/test.php new file mode 100755 index 000000000..f33a54f74 --- /dev/null +++ b/doc/test.php @@ -0,0 +1,20 @@ +#!/usr/bin/php -nf +<?php +print("Content-Type: text/html\n\n"); +print("<!DOCTYPE html>\n" + ."<html>\n" + ." <head>\n" + ." <title>PHP script CGI test page</title>\n" + ." </head>\n" + ." <body>\n" + ." <h1>PHP script CGI test page</h1>\n" + ." <pre><kbd>ps ax</kbd>\n"); +$fp = popen("ps ax", "r"); +while ($line = fgets($fp, 1024)) +{ + print(htmlspecialchars($line)); +} +print("</pre>\n" + ." </body>\n" + ."</html>\n"); +?> diff --git a/scheduler/client.c b/scheduler/client.c index ba54117e6..0126ef02d 100644 --- a/scheduler/client.c +++ b/scheduler/client.c @@ -2,7 +2,7 @@ * Client routines for the CUPS scheduler. * * Copyright © 2021 by OpenPrinting. - * Copyright © 2007-2019 by Apple Inc. + * Copyright © 2007-2021 by Apple Inc. * Copyright © 1997-2007 by Easy Software Products, all rights reserved. * * This file contains Kerberos support code, copyright 2006 by @@ -3120,8 +3120,7 @@ is_cgi(cupsd_client_t *con, /* I - Client connection */ return (0); } - if (!_cups_strcasecmp(type->type, "x-httpd-cgi") && - (filestats->st_mode & 0111)) + if (!_cups_strcasecmp(type->type, "x-httpd-cgi") && (filestats->st_mode & 0111) && (getuid() || !(filestats->st_mode & 022))) { /* * "application/x-httpd-cgi" is a CGI script. diff --git a/test/run-stp-tests.sh b/test/run-stp-tests.sh index 2f9630f52..58d2692f5 100755 --- a/test/run-stp-tests.sh +++ b/test/run-stp-tests.sh @@ -3,7 +3,7 @@ # Perform the complete set of IPP compliance tests specified in the # CUPS Software Test Plan. # -# Copyright © 2007-2019 by Apple Inc. +# Copyright © 2007-2021 by Apple Inc. # Copyright © 1997-2007 by Easy Software Products, all rights reserved. # # Licensed under Apache License v2.0. See the file "LICENSE" for more @@ -356,6 +356,7 @@ cat >$BASE/share/banners/classified <<EOF EOF ln -s $root/data $BASE/share ln -s $root/ppdc/sample.drv $BASE/share/drv +ln -s $root/conf/cgi.types $BASE/share/mime ln -s $root/conf/mime.types $BASE/share/mime ln -s $root/conf/mime.convs $BASE/share/mime ln -s $root/data/*.h $BASE/share/ppdc |