PDA

View Full Version : Huh?! How's this possible (Apache+Win98)



chrisvmarle
04-10-2003, 09:56 PM
I'm running Win98 with Apache (+PHP4 module + perl +MySQL)

Lately I noticed the following:
the file wich is accessed by the URL http://localhost/index.php
is also accessable on http://localhost/index and also http://localhost/index/as/many/dirs/as/I/want

Has anyone any idea how this is possible? I'm afraid of security lags that's why I'm asking...

Thanks in advance
Mzzl, Chris

firepages
04-12-2003, 05:55 AM
Its the apache 'lookback' feature , which does not I think have a proper name as such ? anyway

Basically if apache can not find the file it is pointed at it will 'lookback' to the previous part of the url and see if indeed that is a file , so with

blah.com/index/no_existy

apache knows that no_existy does not exist so it goes back to index/ which also does not exist as a directory so it checks to see if index.html or index.htm (or whatever your text/html mimes are) to see if one of those exist , if it does it displays it.

its useful for search-engine friendly urls where you can use this 'feature' to pass info in the URL without using '?' and '&' etc

blah.com/index/var1/var2

if index.php exists index.php then has $_SERVER['PATH_INFO']; available which will contain the string '/var1/var2' which can then be used as required.

Off the top of my head I cant remember which module controls this behaviour though it is possible to disalble it via 'options' in .htaccess or httpd.conf

chrisvmarle
04-12-2003, 02:10 PM
Thanks for the advise :)

Esspecially the $_SERVER['PATH_INFO']; this answers a question of me (http://www.codingforums.com/showthread.php?s=&threadid=11314) that I asked a while ago... :D

Thank you

Mzzl, Chris