Article ID: 186803 - Last Review: June 23, 2005 - Revision: 3.3

Browsing Folders with Script-Mapped Extensions Returns Errors

View products that this article applies to.
This article was previously published under Q186803
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspx (http://www.microsoft.com/technet/security/prodtech/IIS.mspx)
Expand all | Collapse all

SYMPTOMS

If you try to browse folders with extensions that are script-mapped, one of the following errors occurs:
  • HTTP 404
  • HTTP 403
  • Source code is returned to the browser.
  • Other script/server errors are returned to the browser.
Back to the top

CAUSE

In general, it is bad practice to name a folder using an extension that is MIME-mapped, but this holds especially true for scripted extensions. This is because it is common to pass information to a Web script that will be included as part of the PATH_INFO environment variable.

For example, a CGI program at the URL http://localhost/foo.cgi/default.htm (http://localhost/foo.cgi/default.htm) receives "/foo.cgi/default.htm" in PATH_INFO.
Back to the top

WORKAROUND

To work around this problem, name Web folders without extensions, or use extensions that are not script-mapped.
Back to the top

MORE INFORMATION

On a system with a CGI-based Practical Extraction and Report Language (Perl) interpreter, save the following Perl script as "env.cgi" in your default "/scripts" folder. 
   print "Content-type: text/plain\n\n";
   print "<html>\n";
   print "<body>\n";
   print "<pre>\n";
   print "CONTENT_LENGTH:  ",$ENV{'CONTENT_LENGTH'},"\n";
   print "PATH_INFO:       ",$ENV{'PATH_INFO'},"\n";
   print "PATH_TRANSLATED: ",$ENV{'PATH_TRANSLATED'},"\n";
   print "QUERY_STRING:    ",$ENV{'QUERY_STRING'},"\n";
   print "REMOTE_ADDR:     ",$ENV{'REMOTE_ADDR'},"\n";
   print "REMOTE_HOST:     ",$ENV{'REMOTE_HOST'},"\n";
   print "REMOTE_USER:     ",$ENV{'REMOTE_USER'},"\n";
   print "REQUEST_METHOD:  ",$ENV{'REQUEST_METHOD'},"\n";
   print "SCRIPT_NAME:     ",$ENV{'SCRIPT_NAME'},"\n";
   print "SERVER_NAME:     ",$ENV{'SERVER_NAME'},"\n";
   print "SERVER_PORT:     ",$ENV{'SERVER_PORT'},"\n";
   print "SERVER_PROTOCOL: ",$ENV{'SERVER_PROTOCOL'},"\n";
   print "SERVER_SOFTWARE: ",$ENV{'SERVER_SOFTWARE'},"\n";
   print "</pre>\n";
   print "</body>\n";
   print "</html>\n";

When you browse to http://localhost/scripts/env.cgi/test.htm (http://localhost/scripts/env.cgi/test.htm) you see the PATH_INFO environment variable reflect the information passed to the script as "/env.cgi/test.htm".
Back to the top
APPLIES TO
  • Microsoft Internet Information Server 4.0
Back to the top
Keywords: 
kbpending kbprb KB186803
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations