> Christopher Zimmermann wrote: > Tim Baumgard wrote: >> According to convention and httpd.conf(5), the $DOCUMENT_URI macro for >> FastCGI calls should expand to the request path instead of the path >> alias. > > FastCGI / CGI is poorly documented. As far as convention goes, at least > nginx uses the rewritten url, too: > > $document_uri > same as $uri > > $uri > current URI in request, normalized > > The value of $uri may change during request processing, e.g. when > doing internal redirects, or when using index files. > > This behavior has the effect that the CGI script will know the > "canonical" url of the requested ressource, not an alias that the > client happened to request. We call the rewritten, canonical url "alias" > in our code, so that might be confusing.
Indeed, nginx works as you described. Also, it appears lighttpd works in a similar way. "Convention" was a bad word choice. I meant that it's what Apache and many implementations of SSI do. It's also what I was finding when searching using queries along the lines of "CGI DOCUMENT_URI", which I was doing because the CGI RFC doesn't include DOCUMENT_URI. The current behavior is redundant since SCRIPT_NAME, which is in the RFC, and DOCUMENT_URI are always set to the same thing. Also, the man page says that the $DOCUMENT_URI macro is "the request path" and the $REQUEST_URI macro is "the request path and optional query string." I suppose it's OK to use different meanings for the same term in these two different places since they're serving different purposes, but it's a little misleading. Anyway, while I now think the current behavior is probably best in terms of the semantics of "DOCUMENT_URI," the point I just tried to make with my drawn-out explanation is that it's pretty easy to come to the same incorrect conclusion that I did. So, instead of considering what I sent previously, here's a diff for the httpd.conf(5) man page that adds a list of the variables (and their descriptions) that are given to the FastCGI handler. Making the behavior for these values explicit should avoid any similar confusion, and I'm sure it would be helpful in other ways as well. Index: httpd.conf.5 =================================================================== RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v retrieving revision 1.68 diff -u -p -r1.68 httpd.conf.5 --- httpd.conf.5 19 Jul 2015 05:17:27 -0000 1.68 +++ httpd.conf.5 15 Apr 2016 00:55:25 -0000 @@ -274,6 +274,59 @@ root directory of .Xr httpd 8 and defaults to .Pa /run/slowcgi.sock . +.Pp +The FastCGI handler will be given the following variables: +.Pp +.Bl -tag -width GATEWAY_INTERFACE -offset indent -compact +.It Ic DOCUMENT_ROOT +The document root in which the script is located as configured by the +.Ic root +option for the server or location that matches the request. +.It Ic DOCUMENT_URI +The URI path to the script. +.It Ic GATEWAY_INTERFACE +The revision of the CGI specification used. +.It Ic HTTP_* +Additional HTTP headers the connected client sent in the request, if +any. +.It Ic HTTPS +A variable that is set to +.Qq on +when the server has been configured to use TLS. This variable is not +given otherwise. +.It Ic PATH_INFO +The optional path appended after the script name in the request path. +This variable is empty if no path is appended after the script name. +.It Ic QUERY_STRING +The optional query string of the request. +.It Ic REMOTE_ADDR +The IP address of the connected client. +.It Ic REMOTE_PORT +The TCP source port of the connected client +.It Ic REMOTE_USER +The remote user when using HTTP authentication. +.It Ic REQUEST_METHOD +The HTTP method the connected client used when making the request. +.It Ic REQUEST_URI +The request path and optional query string. +.It Ic SCRIPT_FILENAME +The absolute path to the script within the +.Xr chroot 2 +directory. +.It Ic SCRIPT_NAME +The URI path to the script. +.It Ic SERVER_ADDR +The configured IP address of the server. +.It Ic SERVER_NAME +The name of the server. +.It Ic SERVER_PORT +The configured TCP port of the server. +.It Ic SERVER_PROTOCOL +The revision of the HTTP specification used. +.It Ic SERVER_SOFTWARE +The server software name of +.Xr httpd 8 . +.El .It Ic hsts Oo Ar option Oc Enable HTTP Strict Transport Security. Valid options are:
