I am developing a website, a simple webpage with a regular form that calls a CGI
when user presses the SUBMIT button.
It works fine when Avast’s Web Protection is disabled, but when it is turned on,
my CGI (Its a binary with EXE extension) receives a NULL (empty) string when
calling “QUERY_STRING”.
The HTML page doesn’t do anything in particular, no Java, no scripts… just plain
HTML code as follows:
What is your firewall (strange I know when it works on other sites I presume) ?
Zone Alarm Pro with its privacy function was one such firewall that had this issue, the passage of parameters.
This sounds more like conflict, hence the firewall question and now another question. Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?
Im not using (or used) any 3rd party firewall, only Windows firewall and the
same problem happens if I turn it off.
Im Using ad-Aware (free version) but problem occurs if i uninstall completely.
I was using Virtual-Box but the network it creates is now completely disabled
and Virtual-Box is uninstalled (it was giving me some trouble when i played
Age of Mythology over the LAN).
I think thats about it. Long story short, Web Protection ON = No form data for
the CGI. Web Protection off = Everything fine, CGI receives form data.
I have found the culprit. I dont know exactly how but seems like WEB Protection
delays the sending of parameters for a brief moment, my CGI tries to read the parameters
too quickly and doesnt read anything because no info arrived yet.
Using SLEEP 1000 (waits 1000 milliseconds) allows some time between the lag of the
arrival.
The strange thing is that even if Not using SLEEP 1000 the CGI works every 5 minutes
or so. The rest of the times its a complete blank. Im still puzzled by that.
Although it is working now, i would like to know why is this happening.
Hi,
This is fairly interresting. I don’t think the delay is the reason here. Every packet may travel the net with a different speed and therefore you can not relay on exact timings. WebShield indeed does separate the headers and the body into two distinguished packets. So maybe your recv( ) call just recieves the first one on first read and the second part very soon after during another recv( ) call.
Yes, thats what seems to be happening. I have to make several RECV calls
if i start right away, if i allow some milliseconds, one single RECV does the job.
However this is essentially a bug in your code there is NO guarantee in how many packets the communication comes - if frequently use netcat for testing or telnet, there one packter equals one byte…