?
Solved

Where from .......

Posted on 1998-02-04
3
Medium Priority
?
161 Views
Last Modified: 2013-12-25
Is there a way for a CGI script to tell where it's called from. I mean a way that cannot be easily forged.
0
Comment
Question by:kazic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Expert Comment

by:jhance
ID: 1831915
When the server runs the cgi script, it sets the environment variable SCRIPT_NAME to the path to the script.  This will tell you what name it was called with.  If you're interested in where (i.e. remote computer) it was called from, you can examine the REMOTE_HOST and REMOTE_ADDR environment variables.
0
 
LVL 1

Author Comment

by:kazic
ID: 1831916
OK, but can you tell me how the CGI script knows where it's called from ? Can you not forge that ?
0
 
LVL 32

Accepted Solution

by:
jhance earned 400 total points
ID: 1831917
Please be more specific about what you mean by "where it's called from ".  Do you mean which remote client computer it's called from?  Or do you mean which script was run?

In the case of the client computer, or REMOTE_HOST/REMOTE_ADDR, this is determined by the web server by getting the IP address of the incoming connection.  That is the REMOTE_ADDR.  It then tries to do a reverse DNS lookup on the IP address to get the REMOTE_HOST name.  Is is possible to "forge" these.  If you use a proxy server, your web server will report the proxy as the REMOTE_ADDR instead of the true client.  

In the case of the SCRIPT_NAME, this is provided by the web server as a part of it's running the script.  As long as you have properly secured the cgi-bin directories against unauthorized use, a user will not be able to run anything that is not authorized.

If I am missing your question here, why don't you post some additional information about what you are trying to do.  Perhaps if you described the situation you are having trouble with or are trying to protect against, it would help.
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is becoming increasingly popular to have a front-page slider on a web site. Nearly every TV website,  magazine or online news has one on their site, and even some e-commerce sites have one. Today you can use sliders with Joomla, WordPress or …
I hope you'll find this tutorial useful and interesting. So let's try to extend Tcl with a new package.  For anyone more deeply interested please check out the book "Practical Programming in Tcl and Tk". It's really one of the best written books abo…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question