[cs631apue] Final Project URI question
Jan Schaumann
jschauma at stevens.edu
Sat Dec 15 09:09:10 EST 2012
jphillip <jphillip at stevens.edu> wrote:
> Is it acceptable for our web server to assume that if the URI begins
> with a / that it is an absolute path in the file system starting at the
> root of the file system?
No, that's wrong.
> I. In this case the server would check if
> /doc/root/some/path/to/file existed and send that.
That's the correct behaviour. Any pathname requested is to be resolved
as under the document root (with the exception of the cgi requests as
previously discussed). What's more, as we discussed in class as well,
you need to make sure that requests cannot "break out" of the document
root (for example by specifying "..").
-Jan
More information about the cs631apue
mailing list