Thanks in tons Thomas. I didn’t realize that it could have its own web.xml. Enabling enableCmdLineArguments helped. getOpts is working fine now
Regards Swathi -----Original Message----- From: Mark Thomas [mailto:ma...@apache.org] Sent: Monday, November 16, 2020 3:29 PM To: Tomcat Users List Subject: Re: getopts of Perl is not working Tomcat 9 CAUTION: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. On 16/11/2020 06:21, Jonnalagadda, Swathi (External) wrote: > Hi Mark, > > Thank you for replying on this. > > Please find below servlet configuration > > <servlet> > <servlet-name>cgi</servlet-name> > <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class> > <init-param> > <param-name>cgiPathPrefix</param-name> > <param-value>cgi-bin</param-value> > <param-name>executable</param-name> > <param-value>/usr/bin/perl</param-value> > </init-param> > <load-on-startup>5</load-on-startup> > </servlet> That configuration is not valid. I'm surprised Tomcat even starts with a configuration like that. Enabling validation would catch that but I'll look to see if there is more we can do. > <servlet-mapping> > <servlet-name>cgi</servlet-name> > <url-pattern>/cgi-bin/*</url-pattern> > </servlet-mapping> > > The url we access is > http://maskedforsecurity:port/maskedapp/cgi-bin/register.cgi?-p Given a fixed version of the configuration above, getopts isn't going to work because you haven't enabled command line arguments. See http://tomcat.apache.org/tomcat-9.0-doc/cgi-howto.html Look for enableCmdLineArguments See also CVE-2019-0232 if you are running on Windows. > Please note that the cgi files are all under maskedapp/cgi-bin of webapps > folder. > > Also I have observed that even if I don’t configure cgi servlet in web.xml, > the server is executing the cgi file but it is not able to execute getops > method. Then you have the CGI servlet (or the CGI filter) enabled in another location. Check both the global and per web application web.xml file. You'd normally only enable GCI in one location. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
