1 / 22

Form Data Encoding

Form Data Encoding. GET – URL encoded POST – URL encoded POST – multipart form. <form action="/foo" method="get"> User ID: <input type="text" name="userid" size="10" maxlength="8"> Password: <input type="password" name="passwd" size="10" maxlength="8">

mikel
Télécharger la présentation

Form Data Encoding

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Form Data Encoding • GET – URL encoded • POST – URL encoded • POST – multipart form

  2. <form action="/foo" method="get"> User ID: <input type="text" name="userid" size="10" maxlength="8"> Password: <input type="password" name="passwd" size="10" maxlength="8"> Mail message: <textarea name="mmesg" rows="5" cols="40"></textarea> File: <input type="file" name="image_f">

  3. GET – URL encoding <form action="/foo" method="GET"> ... some_form.html GET /foo?userid=bkoehler&passwd=foo& mmesg=bow+%26+arrow%0D%0A%3D%0D%0A%3F%3F%3F& image_f=C%3A%5CTEMP%5Ccgi.txt HTTP/1.1 Host: www.xyz.org ... HTTP request message

  4. POST – URL encoding <form action="/foo" method="POST"> some_form.html POST /foo HTTP/1.1 Host: www.xyz.org Content-Type: application/x-www-form-urlencoded Content-Length: 150 userid=bkoehler&passwd=foo& mmesg=bow+%26+arrow%0D%0A%3D%0D%0A%3F%3F%3F& image_f=C%3A%5CTEMP%5Ccgi.txt HTTP request message

  5. POST – multipart form <form action="/foo" method="POST" enctype="multipart/form-data"> some_form.html

  6. POST /foo HTTP/1.1 Host: www.xyz.org Content-Type: multipart/form-data; boundary=---123 Content-Length: 2421 ---123 Content-Disposition: form-data; name="userid" brian ---123 Content-Disposition: form-data; name="passwd" foo ---123 Content-Disposition: form-data; name="mmesg" bow & arrow = ???

  7. ---123 Content-Disposition: form-data; name="image_f"; filename="cgi.txt" Content-Type: text/plain The contents of the file would be here. ---123-- HTTP request message

  8. Request Response The Static Web Doc A Origin Server Client Doc B Doc C

  9. Request Response Response The Dynamic Web ENV body Origin Server CGI Program Client

  10. Common Gateway Interface (CGI) • convention for interaction between web servers and external applications that process requests • allows external applications to be reasonably portable across different web servers • external programs can be written in any language: • C, C++, COBOL, FORTRAN, Java, Assembly, csh, sh, Perl, Python, etc

  11. CGI/1.1 overview • some information about the HTTP request is passed through environment variables • the HTTP request message body (if any) is connected to the external application's standard input stream • the external application must generate a valid HTTP response on its standard output stream

  12. CGI Environment Variables • HTTP_* • most of the headers in the request message get passed as environment variables to the CGI program • e.g.: HTTP_ACCEPT, HTTP_ACCEPT_LANGUAGE, HTTP_USER_AGENT

  13. REMOTE_* • REMOTE_ADDR • the numeric IP address of the client sending the request • this may not be the user agent if there are proxies along the chain • REMOTE_HOST • the fully qualified domain name of the client sending the request

  14. SERVER_* • SERVER_SOFTWARE: the name and version of the web server software • SERVER_NAME: the server's hostname or IP address • SERVER_PORT: the port number the request came in on • SERVER_PROTOCOL: the name and version of the protocol the request came in e.g. HTTP/1.1 • GATEWAY_INTERFACE: version of CGI, usually CGI/1.1

  15. CONTENT_* • only generated for POST requests • CONTENT_TYPE: mime type of the message body; usually: application/x-www-form-urlencoded or multipart/form-data • CONTENT_LENGTH: length, in characters of the message body

  16. Request • REQUEST_METHOD: GET, POST, etc. • SCRIPT_NAME: virtual path to script as derived from the URI (no shcheme, host or query component) • e.g. /cgi-bin/foo • QUERY_STRING: all the text past the '?' in the request URI • e.g. arg1=val1&arg2=val2&arg3=val3...

  17. Standard Input • when the external CGI program starts running, its standard input is connected to the request message at the beginning of the message body: POST /foo HTTP/1.1 Host: www.xyz.org Content-Type: application/x-www-form-urlencoded Content-Length: 150 userid=bkoehler&passwd=foo& mmesg=bow+%26+arrow%0D%0A%3D%0D%0A%3F%3F%3F& image_f=C%3A%5CTEMP%5Ccgi.txt

  18. POST /foo HTTP/1.1 Host: www.xyz.org Content-Type: multipart/form-data; boundary=---123 Content-Length: 2421 ---123 Content-Disposition: form-data; name="userid" brian ---123 Content-Disposition: form-data; name="passwd" foo ---123 Content-Disposition: form-data; name="mmesg" bow & arrow = ???

  19. Standard Output • when the external CGI program starts running, anything it writes to standard output will be part of the response to the client • modes: • non-parsed headers (nph): the CGI program must construct a complete HTTP response message which will be delivered unmodified to the client • parsed headers: the web server will fill in any missing required header fields

  20. Parsed Headers Content-Type: text/html <html> ... <== output of CGI program HTTP/1.1 200 OK Date: Mon, 23 Sep 2002 19:11:21 GMT Server: Apache/1.3.20 (Unix) PHP/4.0.6 Content-Length: 699 Content-Type: text/html <html> ...

  21. Apache mod_cgi • two methods of invoking CGI programs: • ScriptAlias directive: all files the specified directory are treated as CGI programs • Options +ExecCGI and AddHandler directives: files with specific file extensions are treated as CGI programs

More Related