Browser attempts to download document from website

Y

Yohhan

Limp Gawd
Joined
May 17, 2002
Messages
220
I have a simple shell script that I'm trying to use to collect form data.

When I post method="POST" in the form tag, I get a 405 error saying this method isn't allowed on my .sh script.

When I change it to "GET", my browser tries to download the file.

Why would changing the method from POST to GET change the way my browser handles the file?
 
It's hard to say exactly what's going on since you haven't told us what browser you're using or, more importantly, what server you're running. You also didn't say what the downloaded file was (the shell script itself? the correct output? incorrect output?). But it does sound like changing the method has changed how your server is trying to interpret the request.

When you tried to POST the form, your server told you it wasn't allowed. If you look at the response headers when you get that 405, you should also get a list of supported methods. If POST isn't in that list, you need to check your server configuration and make sure that you don't have it disabled.

When you tried GET, it sounds like the server didn't understand that it was supposed to try to execute the shell script, and so it just served you the script file itself. Your browser then didn't know what to do with it, so it just tried to download it.

All just guesses, mind you, but hopefully that's still helpful. If that doesn't clear things up, give us some more information, and we might be able to make some specific suggestions.
 
The two methods are different, the GET method is limited to a certain amount of data because its actually the equivilant of passing the variables in the URL (eg: http://somesite.com?var1=test&var2=test). With the POST method you are uploading data to the website, rather than sending it through the URL-- useful for uploading files or large amounts of data (textareas). The error your getting may be because the permissions of your script don't allow it, try setting the write permission on your script (or chmod 755 the script) and set the method back to POST and try again.
 
When you tried to POST the form, your server told you it wasn't allowed. If you look at the response headers when you get that 405, you should also get a list of supported methods. If POST isn't in that list, you need to check your server configuration and make sure that you don't have it disabled.[\QUOTE]

Not sure I know what you mean by response headers. Is that something I should look for client side or server side? I'm on a Linux machine running Apache.
Click to expand...
 
Yohhan said:
Not sure I know what you mean by response headers. Is that something I should look for client side or server side? I'm on a Linux machine running Apache.
Click to expand...
Basically, whenever you send a request, your browser is actually sending something like this to the server:
Code: 
GET /newreply.php?do=newreply&noquote=1&p=1027288649 HTTP/1.1
Host: hardforum.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.7,ru;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: [url]http://hardforum.com/showthread.php?t=871275[/url]

...which is what my browser sent out when I hit the "reply" button here, and which tells you a lot of interesting things about my browser. Once the server receives and process that request, it sends back an HTML document, but it also sends all of these interesting headers:
Code: 
HTTP/1.x 200 OK
Date: Wed, 23 Feb 2005 06:22:01 GMT
Server: Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d PHP/4.3.10
X-Powered-By: PHP/4.3.10
Cache-Control: private
Content-Encoding: gzip
Content-Length: 10370
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

...which tells you some interesthing things about [H]'s server. These are the response headers. Had the server decided I was not allowed to GET that "reply" page, it might have sent me a 405, then listed other methods (POST is one of many other possible methods) that I was allowed to use.

So back to your question, it's almost certainly a server-side issue. inotocracy's suggestion was a good one. If that doesn't clear things up, you may need to open up your httpd.conf and make sure Apache knows that it's supposed to actually execute the shell script instead of just trying to serve up the contents of the script itself.
 
Okay, thanks.

Stupid question maybe, but how do I see the header sent to me by the webserver in my browser?

and...

Can I somehow see the headers that I'm sending to the webserver in my browser? Or would I need some sort of a packet sniffer to do that?

Appreciate the help.
 
You could probably get what you wanted with a sniffer like Ethereal, but if you're running Firefox, the Live HTTP Headers extension is a far simpler solution, as the screenshots might indicate. The snippets I posted above were copied directly from its output, both request and response.
 
You must log in or register to reply here.
Back
Top