Bug 51359 - Added shebang check for //! so that .js scripts work as CGI based on similar .vbs from [Guenter Knauf]
Summary: Added shebang check for //! so that .js scripts work as CGI based on similar ...
Status: RESOLVED LATER
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mpm_winnt (show other bugs)
Version: 2.2.17
Hardware: PC Windows XP
: P2 enhancement (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: MassUpdate
Depends on:
Blocks:
 
Reported: 2011-06-11 15:48 UTC by Keith Mashinter
Modified: 2018-11-07 21:08 UTC (History)
0 users



Attachments
mod_win32_js_cgi_for_trunk (2.16 KB, application/octet-stream)
2011-06-11 15:48 UTC, Keith Mashinter
Details
mod_win32_js_cgi_for_2_2_19 (2.16 KB, patch)
2011-06-11 15:49 UTC, Keith Mashinter
Details | Diff
mod_win32_js_cgi_for_trunk (2.16 KB, patch)
2011-06-11 15:49 UTC, Keith Mashinter
Details | Diff
I've added a patch for 2.5-HEAD. (2.12 KB, patch)
2014-07-19 20:10 UTC, Keith Mashinter
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Keith Mashinter 2011-06-11 15:48:31 UTC
Created attachment 27147 [details]
mod_win32_js_cgi_for_trunk

Related to this addition in Apache 2.2.18:
  *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
     Win32's cscript interpreter can only use a single quote as comment char.
     [Guenter Knauf]

I've also added handling for //! so that .js scripts work as CGI.
Comment 1 Keith Mashinter 2011-06-11 15:49:17 UTC
Created attachment 27148 [details]
mod_win32_js_cgi_for_2_2_19
Comment 2 Keith Mashinter 2011-06-11 15:49:45 UTC
Created attachment 27149 [details]
mod_win32_js_cgi_for_trunk
Comment 3 Keith Mashinter 2011-06-15 04:28:15 UTC
I've tested with simple cgi-bin/test.js that works to launch the script with cscript.exe //nologo.

//!cscript.exe //nologo
WScript.Echo("Content-Type: text/plain");
WScript.Echo("");
WScript.Echo("Hello World!");
Comment 4 Guenter Knauf 2012-09-21 16:31:19 UTC
You can now already run JScript code if you wrap it into a wsf file; f.e. create a testjs.wsf in cgi-bin folder with content:
'!c:/windows/system32/cscript -nologo
<job>
<script language="JScript">
  WSH.Echo("Content-type: text/plain\n");
  WSH.Echo("Hello world from " + ScriptEngine() + " !");
</script>
</job>

isnt this sufficient?
Comment 5 Keith Mashinter 2014-07-19 20:10:23 UTC
Created attachment 31833 [details]
I've added a patch for 2.5-HEAD.
Comment 6 Keith Mashinter 2014-07-19 20:24:41 UTC
As to the use of  *.wsf, this does seems to work but is a bit awkward having Javascript within XML.  Also, allowing //! for JS files would allow for other *.js engines to run on other platforms, e.g. launching node x.js if desired.

That said, this hack does seem to work, having a trailing single-quote to appease JScript compilation while allowing for the vbscript style comment.

'!c:/windows/system32/cscript -nologo test.js '
WSH.Echo("Content-type: text/plain\n");
WSH.Echo("Hello world from " + ScriptEngine() + " !");

Given the dwindling support for older Windows Scripting, it's not a high priority and can be closed.
Comment 7 William A. Rowe Jr. 2018-11-07 21:08:02 UTC
Please help us to refine our list of open and current defects; this is a mass update of old and inactive Bugzilla reports which reflect user error, already resolved defects, and still-existing defects in httpd.

As repeatedly announced, the Apache HTTP Server Project has discontinued all development and patch review of the 2.2.x series of releases. The final release 2.2.34 was published in July 2017, and no further evaluation of bug reports or security risks will be considered or published for 2.2.x releases. All reports older than 2.4.x have been updated to status RESOLVED/LATER; no further action is expected unless the report still applies to a current version of httpd.

If your report represented a question or confusion about how to use an httpd feature, an unexpected server behavior, problems building or installing httpd, or working with an external component (a third party module, browser etc.) we ask you to start by bringing your question to the User Support and Discussion mailing list, see [https://httpd.apache.org/lists.html#http-users] for details. Include a link to this Bugzilla report for completeness with your question.

If your report was clearly a defect in httpd or a feature request, we ask that you retest using a modern httpd release (2.4.33 or later) released in the past year. If it can be reproduced, please reopen this bug and change the Version field above to the httpd version you have reconfirmed with.

Your help in identifying defects or enhancements still applicable to the current httpd server software release is greatly appreciated.