Forum

Hiawatha version: 6.14.1
Operating System: Linux

Hi,

We are experiencing a problem with file upload using Python generated CGI. Effectively the upload fails because instead of returning a normal FieldStorage structure MiniFieldStorage is returned with empty values and no data can be read. It seams that MiniFieldStorage is returned when upload fails.

Here is the httpd.conf settings:

# Hiawatha main configuration file
#


# GENERAL SETTINGS
#
#ServerId = www-data
ConnectionsTotal = 150
ConnectionsPerIP = 10
SystemLogfile = /usr/local/var/log/hiawatha/system.log
GarbageLogfile = /usr/local/var/log/hiawatha/garbage.log


# BINDING SETTINGS
# A binding is where a client can connect to.
#
Binding {
	EnableAlter=yes
	Port = 80
#	Interface = 127.0.0.1
#	MaxKeepAlive = 30
#	TimeForRequest = 3,20
}
#
#Binding {
#	Port = 443
#	Interface = ::1
#	MaxKeepAlive = 30
#	TimeForRequest = 3,20
#	ServerKey = hiawatha.pem
#	UseSSL = yes
#}


# BANNING SETTINGS
# Deny service to clients who misbehave.
#
#BanOnGarbage = 300
#BanOnMaxPerIP = 60
#BanOnMaxReqSize = 300
#KickOnBan = yes
#RebanDuringBan = yes


# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications. Use the 'php-fcgi'
# tool to start PHP as a FastCGI daemon.
#
#CGIhandler = /usr/bin/php-cgi:php
#CGIhandler = /usr/bin/perl:pl
CGIhandler = /usr/bin/python:py
CGIextension = cgi
#
#FastCGIserver {
#	FastCGIid = PHP4
#	ConnectTo = 127.0.0.1:2004
#	Extension = php, php4
#}
#
#FastCGIserver {
#	FastCGIid = PHP5
#	ConnectTo = 10.0.0.100:2005, 10.0.0.101:2005
#	Extension = php, php5
#	SessionTimeout = 30
#}


# URL TOOLKIT
# These URL toolkit rules are made for the Skeleton PHP framework,
# which can be downloaded from: http://skeleton.leisink.org/
#
#UrlToolkit {
#	ToolkitID = skeleton
#	Match ^/$ Return
#	RequestURI isfile Exit
#	Match (.*)\?(.*) Rewrite $1&$2
#	Match /(.*) Rewrite /index.php?page=$1
#}


# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 127.0.0.1
WebsiteRoot = /usr/local/var/www/hiawatha
StartFile = index.html
AccessLogfile = /usr/local/var/log/hiawatha/access.log
ErrorLogfile = /usr/local/var/log/hiawatha/error.log
#ErrorHandler = 404:/error.cgi


# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
#VirtualHost {
#	Hostname = www.my-domain.com
#	WebsiteRoot = /var/www/my-domain/public
#	StartFile = index.php
#	AccessLogfile = /var/www/my-domain/log/access.log
#	ErrorLogfile = /var/www/my-domain/log/error.log
	ExecuteCGI = yes
#	FastCGI = PHP4
	TimeForCGI = 120
#}


# DIRECTORY SETTINGS
# You can specify some settings per directory.
#
#Directory {
#	Path = /home/baduser
#	ExecuteCGI = no
#	UploadSpeed = 10,2
#}

Other form based data is passed correctly.

Please advise if I have missed something.

Thanks