security/cgi-bin.xml
6a5b42e0d34c76890fd96be2b0b57516363b4c8a
...
...
@@ -84,9 +84,9 @@
84
84
these configuration options. If your web server does not allow
85
85
you to do redirects, or the server does not have a way to
86
86
communicate to the PHP binary that the request is a safely
87
-
redirected request, you can specify the option <link
88
-
linkend="configure.enable-force-cgi-redirect">--enable-force-cgi-redirect</link>
89
-
to the configure script. You still have to make sure your PHP
87
+
redirected request, you can enable the
88
+
<link linkend="ini.cgi.force-redirect">cgi.force_redirect</link>
89
+
ini directive. You still have to make sure your PHP
90
90
scripts do not rely on one or another way of calling the script,
91
91
neither by directly <filename
92
92
role="php">http://my.host/cgi-bin/php/dir/script.php</filename>
...
...
@@ -109,8 +109,6 @@
109
109
role="php">http://my.host/cgi-bin/php/secretdir/script.php</filename>.
110
110
Instead, PHP will only parse in this mode if it has gone through
111
111
a web server redirect rule.
112
-
PHP older than 4.2.0 used <literal>--enable-force-cgi-redirect</literal>
113
-
compile time option for this.
114
112
</simpara>
115
113
<simpara>
116
114
Usually the redirection in the Apache configuration is done with
...
...
@@ -218,9 +216,8 @@ AddHandler php-script .php
218
216
<para>
219
217
To get PHP to handle <envar>PATH_INFO</envar> and
220
218
<envar>PATH_TRANSLATED</envar> information correctly with this
221
-
setup, the PHP parser should be compiled with the <link
222
-
linkend="configure.enable-discard-path">--enable-discard-path</link>
223
-
configure option.
219
+
setup, the <link linkend="ini.cgi.discard-path">cgi.discard_path</link>
220
+
ini directive has to be enabled.
224
221
</para>
225
222
</sect1>
226
223

227
224