💾 Archived View for rawtext.club › ~sloum › geminilist › 001477.gmi captured on 2020-09-24 at 01:51:30. Gemini links have been rewritten to link to archived content


CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)

Michael Lazar lazar.michael22 at gmail.com

Wed Jun 10 02:02:24 BST 2020

- - - - - - - - - - - - - - - - - - - 

On Tue, Jun 9, 2020 at 7:14 PM Sean Conner <sean at conman.org> wrote:

> It was thus said that the Great solderpunk once stated:
> > (following Sean's lead for now, although I need to bring up some points
> > for discussion about this in the near future).
>
> So I have two CGI scripts set up. Both are in a "protected" area of the
> server (on my development machine) that requires a client certificate. One
> receives *just* the RFC-3875 defined variables:
>
> AUTH_TYPE=Certificate
> GEMINI_DOCUMENT_ROOT=/home/spc/projects/gemini/non-checkin/cgi-bin
> GEMINI_URL=gemini://lucy.roswell.area51/cgi-bin/beta/foobar?one=1&two=2
> GEMINI_URL_PATH=/cgi-bin/beta/foobar
> PATH_INFO=/foobar
> PATH_TRANSLATED=/home/spc/projects/gemini/non-checkin/cgi-bin/foobar
> QUERY_STRING=one=1&two=2
> REMOTE_ADDR=::ffff:192.168.1.10
> REMOTE_HOST=::ffff:192.168.1.10
> REMOTE_USER=Sean Conner
> REQUEST_METHOD=
> SCRIPT_NAME=/home/spc/projects/gemini/non-checkin/cgi-bin/./beta
> SERVER_NAME=lucy.roswell.area51
> SERVER_PORT=1965
> SERVER_PROTOCOL=GEMINI
> SERVER_SOFTWARE=GLV-1.12556/1

I believe this is using SCRIPT_NAME incorrectly per RFC 3875. The SCRIPT_NAME should be the part of the URI path that comes before the PATH_INFO [1]. So in your example:

GEMINI_URL=gemini://lucy.roswell.area51/cgi-bin/beta/foobar?one=1&two=2
SCRIPT_NAME=/cgi-bin/beta
PATH_INFO=/foobar

I'm also curious how you are handling URL-encoding in your CGI variables. For jetforce, I followed my best interpretation of the RFC 3875 guidelines:

- GEMINI_URL: URL-encoded (not specified by the RFC, of course)
- QUERY_STRING: URL-encoded
- PATH_INFO: URL-decoded
- SCRIPT_NAME: URL-decoded

I have a CGI debug script set up here [2] if anybody wants to poke holes in my implementation.

[1] https://tools.ietf.org/html/rfc3875#section-3.3
[2] gemini://mozz.us/cgi-bin/debug.cgi

Best,
Michael
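
The SCRIPT_NAME / PATH_INFO split and the encoding choices listed in this message, as an added example that is not part of the original post and is not jetforce's code. The names `cgi_vars`, `has_dot_segments` and `script_url_path`, and the example.org URL, are assumptions made for illustration.

```python
from urllib.parse import urlsplit, unquote


def cgi_vars(gemini_url, script_url_path):
    """Derive CGI meta-variables from a request URL.

    script_url_path (hypothetical parameter) is the still-encoded URL path
    prefix that the server resolved to the script.
    """
    parts = urlsplit(gemini_url)
    raw_path = parts.path
    # Match on a segment boundary so /cgi-bin/beta does not claim /cgi-bin/betamax.
    if raw_path != script_url_path and not raw_path.startswith(script_url_path + "/"):
        raise ValueError("request path is not under the script path")
    # Split while still encoded: decoding first would let %2F move the boundary.
    raw_info = raw_path[len(script_url_path):]
    return {
        "GEMINI_URL": gemini_url,                 # URL-encoded, as received
        "SCRIPT_NAME": unquote(script_url_path),  # URL-decoded
        "PATH_INFO": unquote(raw_info),           # URL-decoded
        "QUERY_STRING": parts.query,              # URL-encoded
    }


def has_dot_segments(path_info):
    """True if the decoded PATH_INFO contains '.' or '..' segments."""
    return any(seg in (".", "..") for seg in path_info.split("/"))


if __name__ == "__main__":
    samples = [
        # URL from the quoted message
        ("gemini://lucy.roswell.area51/cgi-bin/beta/foobar?one=1&two=2",
         "/cgi-bin/beta"),
        # Constructed URL with encoded space, slash and dots
        ("gemini://example.org/cgi-bin/my%20script/a%2Fb/%2E%2E/c?q=hello%20world",
         "/cgi-bin/my%20script"),
    ]
    for url, script in samples:
        env = cgi_vars(url, script)
        for name, value in env.items():
            print(f"{name}={value}")
        print("dot segments in PATH_INFO:", has_dot_segments(env["PATH_INFO"]))
```

Because PATH_INFO is handed to the script already decoded, any check for `..` or embedded `/` has to run on the decoded value, as `has_dot_segments` does here.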