Update CGI documentation and add testable examples for CGI support (Issue #5940)

author Michael R Sweet <msweet@msweet.org>

Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)

committer Michael R Sweet <msweet@msweet.org>

Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)
author Michael R Sweet <msweet@msweet.org>
Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)
committer Michael R Sweet <msweet@msweet.org>
Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)
diff --git a/.gitignore b/.gitignore

index a5e32e600aa0d5ef4cdc5892c4e1dd3f19c49306..3bc3f2efcc2e43f1552c99bd6509ae3ba3f1b30f 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
  *.a
  *.bck
-*.cgi
+/cgi-bin/*.cgi
  *.o
  autom4te.cache
  config.h
diff --git a/CHANGES.md b/CHANGES.md

index 0ad35520487f6c7ae9a603b5082de30e27f984f0..efc6f4fa4dab497340df2988d87a8bc76b59fa11 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -83,6 +83,8 @@ Changes in CUPS v2.3.5
    directive in `cupsd.conf` (Issue #5733)
  - Fixed `@IF(name)` handling in `cupsd.conf` (Issue #5918)
  - The scheduler now supports the "everywhere" model directly (Issue #5919)
+- Fixed documentation and added examples for CUPS' limited CGI support
+  (Issue #5940)
  - Fixed the `lpc` command prompt (Issue #5946)
  - Fixed `job-pages-per-set` value for duplex print jobs.
  
diff --git a/conf/cgi.types b/conf/cgi.types

new file mode 100644 (file)

index 0000000..2c39b3f
--- /dev/null
+++ b/conf/cgi.types
@@ -0,0 +1 @@
+application/x-httpd-cgi cgi php
diff --git a/doc/help/cgi.html b/doc/help/cgi.html

index 34c6debb35d3f7b57345c9059f778763f6db89e0..150bacdbcc7b4efe098eb5f7ff55d5bc75414c9b 100644 (file)
--- a/doc/help/cgi.html
+++ b/doc/help/cgi.html
@@ -1,82 +1,41 @@
-<HTML>
+<!DOCTYPE html>
+<html>
  <!-- SECTION: Getting Started -->
-<HEAD>
-       <TITLE>Using CGI Programs</TITLE>
-       <LINK REL="STYLESHEET" TYPE="text/css" HREF="../cups-printable.css">
-</HEAD>
-<BODY>
+  <head>
+    <title>Using CGI Programs</title>
+    <link rel="stylesheet" type="text/css" href="../cups-printable.css">
+  </head>
+  <body>
+    <h1 class="title">Using CGI Programs</h1>
  
-<H1 CLASS="title">Using CGI Programs</H1>
+    <p>CUPS provides a dynamic web interface through dedicated CGI programs that are executed when users open special directories on the CUPS server. Each CGI performs administration, class, help, job, and printer functions as directed by the user, but the actual programs that are run and functions that are available are limited to those that were originally designed into the scheduler.</p>
  
-<P>CUPS provides a dynamic web interface through dedicated CGI programs that
-are executed when users open special directories on the CUPS server. Each CGI
-performs administration, class, help, job, and printer functions as directed by
-the user, but the actual programs that are run and functions that are available
-are limited to those that were originally designed into the scheduler.</P>
+    <p>CUPS also supports CGI scripts/programs for pages you want to provide, although this functionality is disabled by default. The "application/x-httpd-cgi" MIME media type is used to identify CGI content and can be associated with any filename extension. The scheduler requires CGI content to have the execute bit set, not have world or group write permissions, and any CGI scripts need to include a <tt>#!</tt> line as the first line of a script to identify the script interpreter. For example, a PHP script would look like:</p>
  
-<P>CUPS also supports CGI programs and specific scripting languages (Java, Perl,
-PHP, and Python) for pages you want to provide.  The interpreters for these
-languages are currently configured at compile time and are associated with
-MIME media types. <a href="#TABLE1">Table 1</a> shows the MIME media types that
-are reserved for each type of page and are the same as those used by the Apache
-web server.</P>
+    <pre class="example">
+#!/usr/bin/php -fn
+&lt;?php
+...
+?&gt;
+</pre>
  
-<DIV CLASS="table"><TABLE SUMMARY="CGI MIME Media Types">
-<CAPTION><A NAME="TABLE1">Table 1</A>: CGI MIME Media Types</CAPTION>
-<TR>
-       <TH>MIME Media Type</TH>
-       <TH>Description</TH>
-</TR>
-<TR>
-       <TD>application/x-httpd-cgi</TD>
-       <TD>CGI script/program</TD>
-</TR>
-<TR>
-       <TD>application/x-httpd-java</TD>
-       <TD>Java program</TD>
-</TR>
-<TR>
-       <TD>application/x-httpd-perl</TD>
-       <TD>Perl script</TD>
-</TR>
-<TR>
-       <TD>application/x-httpd-php</TD>
-       <TD>PHP script</TD>
-</TR>
-<TR>
-       <TD>application/x-httpd-python</TD>
-       <TD>Python script</TD>
-</TR>
-</TABLE></DIV>
  
-<H2><A NAME="CONFIG">Configuring the Server</A></H2>
+    <h2><a name="CONFIG">Configuring the Server</a></h2>
  
-<P>In order to enable the corresponding type, you must create a
-new <VAR>/etc/cups/cgi.types</VAR> file which maps the filename
-extensions to the appropriate MIME types, for example:</P>
+    <p>In order to enable the corresponding type, you must create a new <var>/etc/cups/cgi.types</var> file which maps the filename extensions you use to the appropriate MIME types. For example, the following will support CGI programs/scripts with the "cgi" extension:</p>
  
-<PRE CLASS="command">
+    <pre class="command">
  application/x-httpd-cgi cgi
-application/x-httpd-java class
-application/x-httpd-perl pl
-application/x-httpd-php php
-application/x-httpd-python py
-</PRE>
+</pre>
  
-<P>CGI scripts/programs (application/x-httpd-cgi) also must be owned by root, have execution permissions, and not have world or group write permissions to be treated as a CGI script or program.</P>
  
-<H2><A NAME="LIMITS">Limitations</A></H2>
+    <h2><a name="LIMITS">Limitations</a></h2>
  
-<P>CUPS implements most of the CGI/1.1 specification, with the
-following exceptions:</P>
+    <p>CUPS implements most of the CGI/1.1 specification, with the following exceptions:</p>
  
-<UL>
-
-       <LI>No PATH_INFO or PATH_TRANSLATED support</LI>
-
-       <LI>Limited HTTP field support; only the Content-Length (CONTENT_LENGTH), Content-Type (CONTENT_TYPE), Cookie (HTTP_COOKIE), Referrer (HTTP_REFERRER), and User-Agent (HTTP_USER_AGENT) fields are placed in environment variables at this time</LI>
-
-</UL>
-
-</BODY>
-</HTML>
+    <ul>
+      <li>No PATH_INFO or PATH_TRANSLATED support</li>
+      <li>Limited HTTP field support; only the Content-Length (<tt>CONTENT_LENGTH</tt>), Content-Type (<tt>CONTENT_TYPE</tt>), Cookie (<tt>HTTP_COOKIE</tt>), Referrer (<tt>HTTP_REFERRER</tt>), and User-Agent (<tt>HTTP_USER_AGENT</tt>) fields are placed in environment variables at this time</li>
+    </ul>
+  </body>
+</html>
diff --git a/doc/test.cgi b/doc/test.cgi

new file mode 100755 (executable)

index 0000000..6d98759
--- /dev/null
+++ b/doc/test.cgi
@@ -0,0 +1,7 @@
+#!/bin/sh
+echo "Content-Type: text/plain"
+echo ""
+echo "POSIX shell CGI test page."
+echo ""
+echo "ps ax"
+ps ax
diff --git a/doc/test.php b/doc/test.php

new file mode 100755 (executable)

index 0000000..f33a54f
--- /dev/null
+++ b/doc/test.php
@@ -0,0 +1,20 @@
+#!/usr/bin/php -nf
+<?php
+print("Content-Type: text/html\n\n");
+print("<!DOCTYPE html>\n"
+     ."<html>\n"
+     ."  <head>\n"
+     ."    <title>PHP script CGI test page</title>\n"
+     ."  </head>\n"
+     ."  <body>\n"
+     ."    <h1>PHP script CGI test page</h1>\n"
+     ."    <pre><kbd>ps ax</kbd>\n");
+$fp = popen("ps ax", "r");
+while ($line = fgets($fp, 1024))
+{
+  print(htmlspecialchars($line));
+}
+print("</pre>\n"
+     ."  </body>\n"
+     ."</html>\n");
+?>
diff --git a/scheduler/client.c b/scheduler/client.c

index ba54117e684759d30b2d03fea2059a28adc00273..0126ef02daec31edd8ff9a4f0eb79bc4497787d5 100644 (file)
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -2,7 +2,7 @@
   * Client routines for the CUPS scheduler.
   *
   * Copyright © 2021 by OpenPrinting.
- * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 2007-2021 by Apple Inc.
   * Copyright © 1997-2007 by Easy Software Products, all rights reserved.
   *
   * This file contains Kerberos support code, copyright 2006 by
@@ -3120,8 +3120,7 @@ is_cgi(cupsd_client_t *con,               /* I - Client connection */
      return (0);
    }
  
-  if (!_cups_strcasecmp(type->type, "x-httpd-cgi") &&
-      (filestats->st_mode & 0111))
+  if (!_cups_strcasecmp(type->type, "x-httpd-cgi") && (filestats->st_mode & 0111) && (getuid() || !(filestats->st_mode & 022)))
    {
     /*
      * "application/x-httpd-cgi" is a CGI script.
diff --git a/test/run-stp-tests.sh b/test/run-stp-tests.sh

index 2f9630f5242ccd7a7318c505469ad0d4a14ca049..58d2692f5b47d98824b6a833c017a5d1f9ecad3b 100755 (executable)
--- a/test/run-stp-tests.sh
+++ b/test/run-stp-tests.sh
@@ -3,7 +3,7 @@
  # Perform the complete set of IPP compliance tests specified in the
  # CUPS Software Test Plan.
  #
-# Copyright © 2007-2019 by Apple Inc.
+# Copyright © 2007-2021 by Apple Inc.
  # Copyright © 1997-2007 by Easy Software Products, all rights reserved.
  #
  # Licensed under Apache License v2.0.  See the file "LICENSE" for more
@@ -356,6 +356,7 @@ cat >$BASE/share/banners/classified <<EOF
  EOF
  ln -s $root/data $BASE/share
  ln -s $root/ppdc/sample.drv $BASE/share/drv
+ln -s $root/conf/cgi.types $BASE/share/mime
  ln -s $root/conf/mime.types $BASE/share/mime
  ln -s $root/conf/mime.convs $BASE/share/mime
  ln -s $root/data/*.h $BASE/share/ppdc
author	Michael R Sweet <msweet@msweet.org>
	Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)
committer	Michael R Sweet <msweet@msweet.org>
	Thu, 9 Sep 2021 15:09:12 +0000 (11:09 -0400)
.gitignore		patch \| blob \| blame \| history
CHANGES.md		patch \| blob \| blame \| history
conf/cgi.types	[new file with mode: 0644]	patch \| blob
doc/help/cgi.html		patch \| blob \| blame \| history
doc/test.cgi	[new file with mode: 0755]	patch \| blob
doc/test.php	[new file with mode: 0755]	patch \| blob
scheduler/client.c		patch \| blob \| blame \| history
test/run-stp-tests.sh		patch \| blob \| blame \| history