Re: [mod-security-users] Add SCRIPT_NAME to known CGI variables?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Add SCRIPT_NAME to known CGI variables?
|
From: Ivan R. <iv...@we...> - 2005-11-03 10:36:25
|
Eli wrote: > I was looking for a CGI variable which contained only the path of the script > called in the URI, minus the DOCUMENT_ROOT. Apparently both > REQUEST_FILENAME and SCRIPT_FILENAME are the full script path on the server, > and the only CGI variable I can find that would be those, minus the > DOCUMENT_ROOT, is SCRIPT_NAME, but it isn't accepted (1.9RC1 being used). > > Is there any reason this CGI variable is not allowed in mod_security? There is no particular reason for that - I simply missed the variable. I'll add it to the TODO list for the next release. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
