Forcing Python to detect DocumentRoot

Ferrous Cranus nikos.gr33k at gmail.com
Mon Jan 21 15:55:32 CET 2013


Τη Δευτέρα, 21 Ιανουαρίου 2013 2:33:22 μ.μ. UTC+2, ο χρήστης Dave Angel έγραψε:
> On 01/21/2013 01:25 AM, Ferrous Cranus wrote:
> 
> > Τη Σάββατο, 19 Ιανουαρίου 2013 10:01:15 μ.μ. UTC+2, ο χρήστης Piet van Oostrum έγραψε:
> 
> >> Ferrous Cranus <nikos.gr33k at gmail.com> writes:
> 
> 
> 
> > While
> 
> >
> 
> > /home/nikos/public_html/cafebar-idea.gr/cgi-bin/counter.py
> 
> >
> 
> > that has also embedded this line:
> 
> >
> 
> > <a href="mailto:support at superhost.gr"> <img src="/data/images/mail.png"> </a>
> 
> >
> 
> > cannnot open the file normally.
> 
> >
> 
> > And the questions iw WHY since python script can open ANY filesystempath
> 
> > file the user has access too.
> 
> >
> 
> 
> 
> As Piet has said,Python is NOT opening the file mail.png.  When the html 
> 
> is sent to the browser, and the browser requests that image file, it's 
> 
> the server itself who figures out where the actual file is.  Python 
> 
> isn't involved at all.
> 
> 
> 
> -- 
> 
> DaveA

Yes Dave so we need to remove <img src="/data/images/mail.png">  since the apache cant see to open it and let Python open it which we know it can because it has access to any system file the user has access too.

httpd cannot open this file because the location of the image is past the addon domain's Document Root.

/home/nikos/public_html/cafebar-idea.gr = Addon's Domain Document Root

/home/nikos/public_html/data/images/mail.png = where the image file is located

and the python scipt is on:

/home/nikos/public_html/cafebar-idea.gr/cgi-bin/counter.py

So if a python script can open any file the user has access too then we need a "python way" of opening this file.



More information about the Python-list mailing list