Why does htsearch no longer recognize the -c option when run from the web server?
This was a security hole in 3.1.5 and older, and 3.2.0b3 and older releases of ht://Dig. (See question 2.1.) There’s a compile-time macro you can set in htsearch.cc to disable this security fix, but that’s a bad idea because it reopens the hole. This should only be done as a last recourse, when all other avenues fail. The -c option was only intended for testing htsearch from the command line, and not for use when calling htsearch on the web server. Unfortunately, far too many users have needlessly latched onto this option for CGI scripts.
This was a security hole in 3.1.5 and older, and 3.2.0b3 and older releases of ht://Dig. (See question 2.1.) There’s a compile-time macro you can set in htsearch.cc to disable this security fix, but that’s a bad idea because it reopens the hole. This should only be done as a last recourse, when all other avenues fail. The -c option was only intended for testing htsearch from the command line, and not for use when calling htsearch on the web server. Unfortunately, far too many users have needlessly latched onto this option for CGI scripts.
Related Questions
- What happens if I or one of my employees injures a registered finger and the fingerprint scanner was no longer able to recognize the original finger registration?
- MY AUTOMATIC PUMP STOPS AND STARTS CONSTANTLY, HOW CAN I MAKE THE PUMP RUN LONGER?
- Why does htsearch no longer recognize the -c option when run from the web server?