Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Server Design Assignment #5: Unsafe Methods & CGI Due: 05/05/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin.

Published byByron Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Web Server Design Assignment #5: Unsafe Methods & CGI Due: 05/05/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin."— Presentation transcript:

1 Web Server Design Assignment #5: Unsafe Methods & CGI Due: 05/05/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein

2 Grading To be done by an automated program that will test most (all?) combinations –assignment is listed under the day it is to be demoed in class –each group will give a 3-4 minute status report the week before an assignment is due! If you have a question: –email the class list –mimic the behavior of a well known Apache server (e.g., www.cs.odu.edu)

3 Methods to Support Same as assignments 1-4, plus: –DELETE, PUT, POST as per Lecture 13 n.b. OPTIONS (lecture 13)

4 Status Codes to Support Same as assignments 1-4, plus: –201 Created PUT, POST –405 Method Not Allowed –411 Length Required –413 Request Entity Too Large –414 Request-URI Too Long

5 Request Headers Same as assignments 1-4, plus: –Content-type: –Content-Length: –Content-Disposition: (in form data)

6 Response Headers Same as assignments 1-4

7 MIME Types, Encodings, etc. All as per assignments 1-4, plus: Your server accepts the following “Content- Type” headers: –multipart/form-data –application/x-form-www-urlencoded

8 Guidelines PUT, DELETE are allowed recursively, as per directives in the WeMustProtectThisHouse! file Limits –URI: 2k –Entity: 2MB You should flag for Entities longer than advertised as per the “Content-Length” header, but I will not test for error conditions Always issue an HTML description describing the results (success or failure) of PUT and DELETE –we will not produce 202 or 204

9 WeMustProtectThisHouse! Format % cat WeMustProtectThisHouse\! # ALLOW-PUT ALLOW-DELETE # authorization-type=Basic realm=“Fried Twice” # always quote realm since it might have spaces # # user format = name:md5(password) # mklein:3102125cae72c19f215480ddf2d0d5c3 mk:318bcb4be908d0da6448a0db76908d78 jbollen:c82138c7e01ad922b0a58fdd33c3a91c mln:5a71416849df37fd781035da39885214

10 CGI Invocation Invoke the URI as an executable program iff: –POST, GET, HEAD methods are used Warning!!! –ensure your URI is relative to your document root dangerous: GET /bin/rm?-rf HTTP/1.1

11 CGI Program #!/usr/bin/perl print "Content-type: text/html\n\n"; foreach $key (keys (%ENV)) { print "$key = $ENV{$key} \n"; } while ( ) { print "$_ \n"; }

12 Required Environment Variables SCRIPT_NAME SCRIPT_URI SCRIPT_FILENAME HTTP_REFERER HTTP_USER_AGENT REQUEST_METHOD REMOTE_ADDR QUERY_STRING REMOTE_USER AUTH_TYPE SERVER_NAME SERVER_SOFTWARE SERVER_PORT SERVER_ADDR SERVER_PROTOCOL leave blank if not available

13 Keep in mind: Status report in 1 week!

14 START NOW!!!

Download ppt "Web Server Design Assignment #5: Unsafe Methods & CGI Due: 05/05/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin."

Similar presentations

How does the server format the information it gives to the appln program? As environment variables and in standard input.

How does the server format the information it gives to the appln program? As environment variables and in standard input.
Configuring Apache Server and Perl for CGI T.A. Maisa Khudair Dr. Qusai Abu Ein.

Configuring Apache Server and Perl for CGI T.A. Maisa Khudair Dr. Qusai Abu Ein.
CGI. XML2 Common Gateway Interface n Georgia Tech 1995 Web Usage Survey –Perl - 46.7% –C - 12.5% –Shell Scripts - 8.1% –Tcl - Tool Commercial Language.

CGI. XML2 Common Gateway Interface n Georgia Tech 1995 Web Usage Survey –Perl % –C % –Shell Scripts - 8.1% –Tcl - Tool Commercial Language.
Pass data1 Passing data from an HTML page to a program Dr Jim Briggs.

Pass data1 Passing data from an HTML page to a program Dr Jim Briggs.
Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules.

Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules.
Hypertext Transport Protocol CS - 328 Dick Steflik.

Hypertext Transport Protocol CS Dick Steflik.
 What is it ? What is it ?  URI,URN,URL URI,URN,URL  HTTP – methods HTTP – methods  HTTP Request Packets HTTP Request Packets  HTTP Request Headers.

 What is it ? What is it ?  URI,URN,URL URI,URN,URL  HTTP – methods HTTP – methods  HTTP Request Packets HTTP Request Packets  HTTP Request Headers.
Common Gateway Interface

Common Gateway Interface
Chapter 9 Using Perl for CGI Programming. Computation is required to support sophisticated web applications Computation can be done by the server or the.

Chapter 9 Using Perl for CGI Programming. Computation is required to support sophisticated web applications Computation can be done by the server or the.
Overview A plain HTML document is static A CGI program is executed in real-time, so that it can output dynamic information. CGI (Common Gateway Interface)

Overview A plain HTML document is static A CGI program is executed in real-time, so that it can output dynamic information. CGI (Common Gateway Interface)
CP3024 Lecture 3 Server Side Facilities. Lecture contents  Server side includes  Common gateway interface (CGI)  PHP Hypertext Preprocessor (PHP) pages.

CP3024 Lecture 3 Server Side Facilities. Lecture contents  Server side includes  Common gateway interface (CGI)  PHP Hypertext Preprocessor (PHP) pages.
Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.

Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.
1 HTML and CGI Scripting CSC8304 – Computing Environments for Bioinformatics - Lecture 10.

1 HTML and CGI Scripting CSC8304 – Computing Environments for Bioinformatics - Lecture 10.
HyperText Transfer Protocol (HTTP).  HTTP is the protocol that supports communication between web browsers and web servers.  A “Web Server” is a HTTP.

HyperText Transfer Protocol (HTTP).  HTTP is the protocol that supports communication between web browsers and web servers.  A “Web Server” is a HTTP.
CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.
Nic Shulver, Intro: Developing Server Applications What is a server? Many types of server – File server – file: networked file.

Nic Shulver, Intro: Developing Server Applications What is a server? Many types of server – File server – file: networked file.
Web Server Design Week 14 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/14/10.

Web Server Design Week 14 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/14/10.
USING PERL FOR CGI PROGRAMMING

USING PERL FOR CGI PROGRAMMING
CSE 190: Internet E-Commerce Lecture 5. Exam Material Lectures 1-4 (Presentation Tier) –3-tier architecture –HTML –Style sheets –Javascript –DOM –HTTP.

CSE 190: Internet E-Commerce Lecture 5. Exam Material Lectures 1-4 (Presentation Tier) –3-tier architecture –HTML –Style sheets –Javascript –DOM –HTTP.
CSCE 510 - Systems Programming Lecture 21 Web Server: CGI -Dynamic Pages CSCE March 25, 2013.

CSCE Systems Programming Lecture 21 Web Server: CGI -Dynamic Pages CSCE March 25, 2013.

Similar presentations

Ads by Google