1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
|
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE erlref SYSTEM "erlref.dtd">
<erlref>
<header>
<copyright>
<year>1997</year><year>2015</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
The contents of this file are subject to the Erlang Public License,
Version 1.1, (the "License"); you may not use this file except in
compliance with the License. You should have received a copy of the
Erlang Public License along with this software. If not, it can be
retrieved online at http://www.erlang.org/.
Software distributed under the License is distributed on an "AS IS"
basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
the License for the specific language governing rights and limitations
under the License.
</legalnotice>
<title>httpd</title>
<prepared>Ingela Anderton Andin</prepared>
<docno></docno>
<date>1997-10-14</date>
<rev>2.2</rev>
<file>httpd.sgml</file>
</header>
<module>httpd</module>
<modulesummary>An implementation of an HTTP
1.1 compliant Web server, as defined in RFC 2616.
</modulesummary>
<description>
<p>Documents the HTTP server start options, some administrative
functions and also specifies the Erlang Web server callback
API</p>
</description>
<section>
<title>COMMON DATA TYPES </title>
<p>Type definitions that are used more than once in
this module:</p>
<p><c>boolean() = true | false </c></p>
<p><c>string() = list of ASCII characters</c></p>
<p><c>path() = string() - representing a file or directory path.</c></p>
<p><c> ip_address() = {N1,N2,N3,N4} % IPv4
| {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6</c></p>
<p><c>hostname() = string() - representing a host ex "foo.bar.com"</c></p>
<p><c>property() = atom()</c></p>
</section>
<section>
<title>ERLANG HTTP SERVER SERVICE START/STOP </title>
<p>A web server can be configured to start when starting the inets
application or started dynamically in runtime by calling the
Inets application API <c>inets:start(httpd, ServiceConfig)</c>, or
<c>inets:start(httpd, ServiceConfig, How)</c>,
see <seealso marker="inets">inets(3)</seealso> Below follows a
description of the available configuration options, also called
properties.</p>
<marker id="props_file"></marker>
<p><em>File properties</em></p>
<p>When the web server is started
at application start time the properties should be fetched from a
configuration file that could consist of a regular erlang property
list, e.i. <c>[{Option, Value}] </c> where <c> Option = property()
</c> and <c>Value = term()</c>, followed by a full stop, or for
backwards compatibility an Apache like configuration file. If the
web server is started dynamically at runtime you may still specify
a file but you could also just specify the complete property
list.</p>
<taglist>
<marker id="prop_proplist_file"></marker>
<tag>{proplist_file, path()}</tag>
<item>
<p>If this property is defined inets will expect to find
all other properties defined in this file. Note that the
file must include all properties listed under mandatory
properties. </p>
</item>
<marker id="prop_file"></marker>
<tag>{file, path()}</tag>
<item>
<p>If this property is defined inets will expect to find all
other properties defined in this file, that uses Apache like
syntax. Note that the file must include all properties listed
under mandatory properties. The Apache like syntax is the property,
written as one word where each new word begins with a capital,
followed by a white-space followed by the value followed by a
new line. Ex: </p>
<code>
{server_root, "/urs/local/www"} -> ServerRoot /usr/local/www
</code>
<p>With a few exceptions, that are documented
for each property that behaves differently,
and the special case {directory, {path(), PropertyList}} and
{security_directory, {Dir, PropertyList}} that are represented
as:</p>
<pre>
<![CDATA[
<Directory Dir>
<Properties handled as described above>
</Directory>
]]>
</pre>
</item>
</taglist>
<note>
<p>The properties proplist_file and file are mutually exclusive.</p>
</note>
<marker id="props_mand"></marker>
<p><em>Mandatory properties</em></p>
<taglist>
<marker id="prop_port"></marker>
<tag>{port, integer()} </tag>
<item>
<p>The port that the HTTP server shall listen on.
If zero is specified as port, an arbitrary available port
will be picked and you can use the httpd:info/2 function to find
out which port was picked. </p>
</item>
<marker id="prop_server_name"></marker>
<tag>{server_name, string()} </tag>
<item>
<p>The name of your server, normally a fully qualified domain name. </p>
</item>
<marker id="prop_server_root"></marker>
<tag>{server_root, path()} </tag>
<item>
<p>Defines the server's home directory where log files etc can
be stored. Relative paths specified in other properties refer
to this directory. </p>
</item>
<marker id="prop_doc_root"></marker>
<tag>{document_root, path()}</tag>
<item>
Defines the top directory for the documents that
are available on the HTTP server.
</item>
</taglist>
<marker id="props_comm"></marker>
<p><em>Communication properties</em> </p>
<taglist>
<marker id="prop_bind_address"></marker>
<tag>{bind_address, ip_address() | hostname() | any} </tag>
<item>
<p>Defaults to <c>any</c>. Note that <c>any</c> is denoted <em>*</em>
in the apache like configuration file. </p>
</item>
<marker id="prop_socket_type"></marker>
<tag>{socket_type, ip_comm | {essl, Config::proplist()}}</tag>
<item>
<p> For ssl configuration options see <seealso marker="ssl:ssl#listen-2">ssl:listen/2</seealso> </p>
<p>Defaults to <c>ip_comm</c>. </p>
</item>
<marker id="prop_ipfamily"></marker>
<tag>{ipfamily, inet | inet6 | inet6fb4}</tag>
<item>
<p>Defaults to <c>inet6fb4. </c> </p>
<p>Note that this option is only used when the option
<c>socket_type</c> has the value <c>ip_comm</c>. </p>
</item>
<marker id="prop_minimum_bytes_per_second"></marker>
<tag>{minimum_bytes_per_second, integer()}</tag>
<item>
<p>If given, sets a minimum bytes per second value for connections.</p>
<p>If the value is not reached, the socket will close for that connection.</p>
<p>The option is good for reducing the risk of "slow dos" attacks.</p>
</item>
</taglist>
<marker id="props_api_modules"></marker>
<p><em>Erlang Web server API modules</em> </p>
<taglist>
<marker id="prop_modules"></marker>
<tag>{modules, [atom()]} </tag>
<item>
<p>Defines which modules the HTTP server will use to handle
requests. Defaults to: <c>[mod_alias, mod_auth, mod_esi,
mod_actions, mod_cgi, mod_dir, mod_get, mod_head, mod_log,
mod_disk_log] </c>
Note that some mod-modules are dependent on
others, so the order can not be entirely arbitrary. See the
<seealso marker="http_server"> Inets Web server Modules in the
Users guide</seealso> for more information. </p>
</item>
</taglist>
<marker id="props_limit"></marker>
<p><em>Limit properties</em> </p>
<taglist>
<marker id="prop_customize"></marker>
<tag>{customize, atom()}</tag>
<item>
<p>A callback module to customize the inets HTTP servers behaviour
see <seealso marker="http_custom_api"> httpd_custom_api</seealso> </p>
</item>
<marker id="prop_disable_chunked_encoding"></marker>
<tag>{disable_chunked_transfer_encoding_send, boolean()}</tag>
<item>
<p>This property allows you to disable chunked
transfer-encoding when sending a response to a HTTP/1.1
client, by default this is false. </p>
</item>
<marker id="prop_keep_alive"></marker>
<tag>{keep_alive, boolean()}</tag>
<item>
<p>Instructs the server whether or not to use persistent
connections when the client claims to be HTTP/1.1
compliant, default is true. </p>
</item>
<marker id="prop_keep_alive_timeout"></marker>
<tag>{keep_alive_timeout, integer()}</tag>
<item>
<p>The number of seconds the server will wait for a
subsequent request from the client before closing the
connection. Default is 150. </p>
</item>
<marker id="prop_max_body_size"></marker>
<tag>{max_body_size, integer()}</tag>
<item>
<p>Limits the size of the message body of HTTP request.
By the default there is no limit. </p>
</item>
<marker id="prop_max_clients"></marker>
<tag>{max_clients, integer()}</tag>
<item>
<p>Limits the number of simultaneous requests that can be
supported. Defaults to 150. </p>
</item>
<marker id="prop_max_header_size"></marker>
<tag>{max_header_size, integer()}</tag>
<item>
<p>Limits the size of the message header of HTTP request.
Defaults to 10240. </p>
</item>
<marker id="prop_max_content_length"></marker>
<tag>{max_content_length, integer()}</tag>
<item>
<p>Maximum Content-Length in an incoming request, in bytes. Requests
with content larger than this are answered with Status 413.
Defaults to 100000000 (100 MB).
</p>
</item>
<marker id="prop_max_uri"></marker>
<tag>{max_uri_size, integer()}</tag>
<item>
<p>Limits the size of the HTTP request URI. By
default there is no limit. </p>
</item>
<marker id="prop_max_keep_alive_req"></marker>
<tag>{max_keep_alive_request, integer()}</tag>
<item>
<p>The number of request that a client can do on one
connection. When the server has responded to the number of
requests defined by max_keep_alive_requests the server close the
connection. The server will close it even if there are queued
request. Defaults to no limit. </p>
</item>
</taglist>
<marker id="props_admin"></marker>
<p><em>Administrative properties</em></p>
<taglist>
<marker id="prop_mime_types"></marker>
<tag>{mime_types, [{MimeType, Extension}] | path()}</tag>
<item>
<p>Where MimeType = string() and Extension = string().
Files delivered to the client are MIME typed according to RFC
1590. File suffixes are mapped to MIME types before file delivery.
The mapping between file suffixes and MIME types can be specified
as an Apache like file as well as directly in the property list. Such
a file may look like:</p>
<pre>
# MIME type Extension
text/html html htm
text/plain asc txt
</pre>
<p>Defaults to [{"html","text/html"},{"htm","text/html"}]</p>
</item>
<marker id="prop_mime_type"></marker>
<tag>{mime_type, string()}</tag>
<item>
<p>When the server is asked to provide a document type which
cannot be determined by the MIME Type Settings, the server will
use this default type. </p>
</item>
<marker id="prop_server_admin"></marker>
<tag>{server_admin, string()}</tag>
<item>
<p>ServerAdmin defines the email-address of the server
administrator, to be included in any error messages returned by
the server. </p>
</item>
<marker id="prop_server_tokens"></marker>
<tag>{server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}}</tag>
<item>
<p>ServerTokens defines how the value of the server header
should look. </p>
<p>Example: Assuming the version of inets is 5.8.1,
here is what the server header string could look like for
the different values of server-tokens: </p>
<pre>
none "" % A Server: header will not be generated
prod "inets"
major "inets/5"
minor "inets/5.8"
minimal "inets/5.8.1"
os "inets/5.8.1 (unix)"
full "inets/5.8.1 (unix/linux) OTP/R15B"
{private, "foo/bar"} "foo/bar"
</pre>
<p>By default, the value is as before, which is <c>minimal</c>. </p>
</item>
<marker id="prop_log_format"></marker>
<tag>{log_format, common | combined}</tag>
<item>
<p>Defines if access logs should be written according to the common
log format or to the extended common log format.
The <c>common</c> format is one line that looks like this:
<c>remotehost rfc931 authuser [date] "request" status bytes</c></p>
<pre>
remotehost
Remote
rfc931
The client's remote username (RFC 931).
authuser
The username with which the user authenticated
himself.
[date]
Date and time of the request (RFC 1123).
"request"
The request line exactly as it came from the client
(RFC 1945).
status
The HTTP status code returned to the client
(RFC 1945).
bytes
The content-length of the document transferred.
</pre>
<p>The <c>combined</c> format is on line that look like this:
<c>remotehost rfc931 authuser [date] "request" status bytes "referer" "user_agent" </c></p>
<pre>
"referer"
The url the client was on before
requesting your url. (If it could not be determined
a minus sign will be placed in this field)
"user_agent"
The software the client claims to be using. (If it
could not be determined a minus sign will be placed in
this field)
</pre>
<p>This affects the access logs written by mod_log and mod_disk_log.
</p>
</item>
<marker id="prop_elog_format"></marker>
<tag>{error_log_format, pretty | compact}</tag>
<item>
<p>Defaults to pretty. If the error log is meant to be read
directly by a human <c>pretty</c> will be the best
option. <c>pretty</c> has the format corresponding to:
</p>
<code>io:format("[~s] ~s, reason: ~n ~p ~n~n", [Date, Msg, Reason]).
</code>
<p><c>compact</c> has the format corresponding to:</p>
<code>io:format("[~s] ~s, reason: ~w ~n", [Date, Msg, Reason]).
</code>
<p>This affects the error logs written by mod_log and mod_disk_log.
</p>
</item>
</taglist>
<marker id="props_alias"></marker>
<p><em>URL aliasing properties - requires mod_alias</em></p>
<taglist>
<marker id="prop_alias"></marker>
<tag>{alias, {Alias, RealName}}</tag>
<item>
<p>Where Alias = string() and RealName = string().
The Alias property allows documents to be stored in the local file
system instead of the document_root location. URLs with a path that
begins with url-path is mapped to local files that begins with
directory-filename, for example:
<code>{alias, {"/image", "/ftp/pub/image"}}</code>
and an access to http://your.server.org/image/foo.gif would refer to
the file /ftp/pub/image/foo.gif. </p>
</item>
<marker id="prop_re_write"></marker>
<tag>{re_write, {Re, Replacement}}</tag>
<item>
<p>Where Re = string() and Replacement = string().
The ReWrite property allows documents to be stored in the local file
system instead of the document_root location. URLs are rewritten
by re:replace/3 to produce a path in the local filesystem.
For example:
<code>{re_write, {"^/[~]([^/]+)(.*)$", "/home/\\1/public\\2"}}</code>
and an access to http://your.server.org/~bob/foo.gif would refer to
the file /home/bob/public/foo.gif.
In an Apache like configuration file the Re is separated
from Replacement with one single space, and as expected
backslashes do not need to be backslash escaped so the
same example would become:
<code>ReWrite ^/[~]([^/]+)(.*)$ /home/\1/public\2</code>
Beware of trailing space in Replacement that will be used.
If you must have a space in Re use e.g the character encoding
<code>\040</code> see <seealso marker="stdlib:re">re(3)</seealso>. </p>
</item>
<marker id="prop_dir_idx"></marker>
<tag>{directory_index, [string()]}</tag>
<item>
<p>DirectoryIndex specifies a list of resources to look for
if a client requests a directory using a / at the end of the
directory name. file depicts the name of a file in the
directory. Several files may be given, in which case the server
will return the first it finds, for example:
<code>{directory_index, ["index.hml", "welcome.html"]}</code>
and access to http://your.server.org/docs/ would return
http://your.server.org/docs/index.html or
http://your.server.org/docs/welcome.html if index.html do not
exist. </p>
</item>
</taglist>
<marker id="props_cgi"></marker>
<p><em>CGI properties - requires mod_cgi</em></p>
<taglist>
<marker id="prop_script_alias"></marker>
<tag>{script_alias, {Alias, RealName}}</tag>
<item>
<p>Where Alias = string() and RealName = string().
Has the same behavior as the Alias property, except that
it also marks the target directory as containing CGI
scripts. URLs with a path beginning with url-path are mapped to
scripts beginning with directory-filename, for example:
<code>{script_alias, {"/cgi-bin/", "/web/cgi-bin/"}}</code>
and an access to http://your.server.org/cgi-bin/foo would cause
the server to run the script /web/cgi-bin/foo. </p>
</item>
<marker id="prop_script_re_write"></marker>
<tag>{script_re_write, {Re, Replacement}}</tag>
<item>
<p>Where Re = string() and Replacement = string().
Has the same behavior as the ReWrite property, except that
it also marks the target directory as containing CGI
scripts. URLs with a path beginning with url-path are mapped to
scripts beginning with directory-filename, for example:
<code>{script_re_write, {"^/cgi-bin/(\\d+)/", "/web/\\1/cgi-bin/"}}</code>
and an access to http://your.server.org/cgi-bin/17/foo would cause
the server to run the script /web/17/cgi-bin/foo. </p>
</item>
<marker id="prop_script_nocache"></marker>
<tag>{script_nocache, boolean()}</tag>
<item>
<p>If ScriptNoCache is set to true the HTTP server will by
default add the header fields necessary to prevent proxies from
caching the page. Generally this is something you want. Defaults
to false. </p>
</item>
<marker id="prop_script_timeout"></marker>
<tag>{script_timeout, integer()}</tag>
<item>
<p>The time in seconds the web server will wait between each
chunk of data from the script. If the CGI-script not delivers
any data before the timeout the connection to the client will be
closed. Defaults to 15. </p>
</item>
<marker id="prop_action"></marker>
<tag>{action, {MimeType, CgiScript}} - requires mod_action</tag>
<item>
<p>Where MimeType = string() and CgiScript = string().
Action adds an action, which will activate a cgi-script
whenever a file of a certain mime-type is requested. It
propagates the URL and file path of the requested document using
the standard CGI PATH_INFO and PATH_TRANSLATED environment
variables.
<code>{action, {"text/plain", "/cgi-bin/log_and_deliver_text"}}</code>
</p>
</item>
<marker id="prop_script"></marker>
<tag>{script, {Method, CgiScript}} - requires mod_action</tag>
<item>
<p>Where Method = string() and CgiScript = string().
Script adds an action, which will activate a cgi-script
whenever a file is requested using a certain HTTP method. The
method is either GET or POST as defined in RFC 1945. It
propagates the URL and file path of the requested document using
the standard CGI PATH_INFO and PATH_TRANSLATED environment
variables.
<code>{script, {"PUT", "/cgi-bin/put"}}</code>
</p>
</item>
</taglist>
<marker id="props_esi"></marker>
<p><em>ESI properties - requires mod_esi</em></p>
<taglist>
<marker id="prop_esi_alias"></marker>
<tag>{erl_script_alias, {URLPath, [AllowedModule]}}</tag>
<item>
<p>Where URLPath = string() and AllowedModule = atom().
erl_script_alias marks all URLs matching url-path as erl
scheme scripts. A matching URL is mapped into a specific module
and function. For example:
<code>{erl_script_alias, {"/cgi-bin/example", [httpd_example]}}
</code>
and a request to
http://your.server.org/cgi-bin/example/httpd_example:yahoo
would refer to httpd_example:yahoo/3 or, if that did not exist,
httpd_example:yahoo/2 and
http://your.server.org/cgi-bin/example/other:yahoo would
not be allowed to execute. </p>
</item>
<marker id="prop_esi_nocache"></marker>
<tag>{erl_script_nocache, boolean()}</tag>
<item>
<p>If erl_script_nocache is set to true the server will add
http header fields that prevents proxies from caching the
page. This is generally a good idea for dynamic content, since
the content often vary between each request.
Defaults to false. </p>
</item>
<marker id="prop_esi_timeout"></marker>
<tag>{erl_script_timeout, integer()}</tag>
<item>
<p>If erl_script_timeout sets the time in seconds the server will
wait between each chunk of data to be delivered through
mod_esi:deliver/2. Defaults to 15. This is only relevant
for scripts that uses the erl scheme. </p>
</item>
<marker id="prop_esi_timeout"></marker>
<tag>{eval_script_alias, {URLPath, [AllowedModule]}}</tag>
<item>
<p>Where URLPath = string() and AllowedModule = atom().
Same as erl_script_alias but for scripts
using the eval scheme. Note that this is only supported
for backwards compatibility. The eval scheme is deprecated. </p>
</item>
</taglist>
<marker id="props_log"></marker>
<p><em>Log properties - requires mod_log</em></p>
<taglist>
<marker id="prop_elog"></marker>
<tag>{error_log, path()}</tag>
<item>
<p>Defines the filename of the error log file to be used to log
server errors. If the filename does not begin with a slash (/)
it is assumed to be relative to the server_root. </p>
</item>
<marker id="prop_slog"></marker>
<tag>{security_log, path()}</tag>
<item>
<p>Defines the filename of the access log file to be used to
log security events. If the filename does not begin with a slash
(/) it is assumed to be relative to the server_root. </p>
</item>
<marker id="prop_tlog"></marker>
<tag>{transfer_log, path()}</tag>
<item>
<p>Defines the filename of the access log file to be used to
log incoming requests. If the filename does not begin with a
slash (/) it is assumed to be relative to the server_root. </p>
</item>
</taglist>
<marker id="props_dlog"></marker>
<p><em>Disk Log properties - requires mod_disk_log</em></p>
<taglist>
<marker id="prop_dlog_format"></marker>
<tag>{disk_log_format, internal | external}</tag>
<item>
<p>Defines the file-format of the log files see disk_log for
more information. If the internal file-format is used, the
logfile will be repaired after a crash. When a log file is
repaired data might get lost. When the external file-format is
used httpd will not start if the log file is broken. Defaults to
external. </p>
</item>
<marker id="prop_edlog"></marker>
<tag>{error_disk_log, path()}</tag>
<item>
<p>Defines the filename of the (disk_log(3)) error log file
to be used to log server errors. If the filename does not begin
with a slash (/) it is assumed to be relative to the server_root. </p>
</item>
<marker id="prop_edlog_size"></marker>
<tag>{error_disk_log_size, {MaxBytes, MaxFiles}}</tag>
<item>
<p>Where MaxBytes = integer() and MaxFiles = integer().
Defines the properties of the (disk_log(3)) error log
file. The disk_log(3) error log file is of type wrap log and
max-bytes will be written to each file and max-files will be
used before the first file is truncated and reused. </p>
</item>
<marker id="prop_sdlog"></marker>
<tag>{security_disk_log, path()}</tag>
<item>
<p>Defines the filename of the (disk_log(3)) access log file
which logs incoming security events i.e authenticated
requests. If the filename does not begin with a slash (/) it
is assumed to be relative to the server_root. </p>
</item>
<marker id="prop_sdlog_size"></marker>
<tag>{security_disk_log_size, {MaxBytes, MaxFiles}}</tag>
<item>
<p>Where MaxBytes = integer() and MaxFiles = integer().
Defines the properties of the disk_log(3) access log
file. The disk_log(3) access log file is of type wrap log and
max-bytes will be written to each file and max-files will be
used before the first file is truncated and reused. </p>
</item>
<marker id="prop_tdlog"></marker>
<tag>{transfer_disk_log, path()}</tag>
<item>
<p>Defines the filename of the (disk_log(3)) access log file
which logs incoming requests. If the filename does not begin
with a slash (/) it is assumed to be relative to the
server_root. </p>
</item>
<marker id="prop_tdlog_size"></marker>
<tag>{transfer_disk_log_size, {MaxBytes, MaxFiles}}</tag>
<item>
<p>Where MaxBytes = integer() and MaxFiles = integer().
Defines the properties of the disk_log(3) access log
file. The disk_log(3) access log file is of type wrap log and
max-bytes will be written to each file and max-files will be
used before the first file is truncated and reused. </p>
</item>
</taglist>
<marker id="props_auth"></marker>
<p><em>Authentication properties - requires mod_auth</em></p>
<marker id="prop_dri"></marker>
<p><em>{directory, {path(), [{property(), term()}]}}</em></p>
<marker id="props_dir"></marker>
<p>Here follows the valid properties for directories </p>
<taglist>
<marker id="prop_allow_from"></marker>
<tag>{allow_from, all | [RegxpHostString]}</tag>
<item>
<p>Defines a set of hosts which should be granted access to a
given directory.
For example:
<code>{allow_from, ["123.34.56.11", "150.100.23"]}</code>
The host 123.34.56.11 and all machines on the 150.100.23
subnet are allowed access. </p>
</item>
<marker id="prop_deny_from"></marker>
<tag>{deny_from, all | [RegxpHostString]}</tag>
<item>
<p>Defines a set of hosts
which should be denied access to a given directory.
For example:
<code>{deny_from, ["123.34.56.11", "150.100.23"]}</code>
The host 123.34.56.11 and all machines on the 150.100.23
subnet are not allowed access. </p>
</item>
<marker id="prop_auth_type"></marker>
<tag>{auth_type, plain | dets | mnesia}</tag>
<item>
<p>Sets the type of authentication database that is used for the
directory.The key difference between the different methods is
that dynamic data can be saved when Mnesia and Dets is used.
This property is called AuthDbType in the Apache like
configuration files. </p>
</item>
<marker id="prop_auth_user_file"></marker>
<tag>{auth_user_file, path()}</tag>
<item>
<p>Sets the name of a file which contains the list of users and
passwords for user authentication. filename can be either
absolute or relative to the <c>server_root</c>. If using the
plain storage method, this file is a plain text file, where
each line contains a user name followed by a colon, followed
by the non-encrypted password. If user names are duplicated,
the behavior is undefined. For example:
<code> ragnar:s7Xxv7
edward:wwjau8 </code>
If using the dets storage method, the user database is
maintained by dets and should not be edited by hand. Use the
API functions in mod_auth module to create / edit the user
database. This directive is ignored if using the mnesia
storage method. For security reasons, make sure that the
<c>auth_user_file</c> is stored outside the document tree of the Web
server. If it is placed in the directory which it protects,
clients will be able to download it. </p>
</item>
<marker id="prop_auth_group_file"></marker>
<tag>{auth_group_file, path()}</tag>
<item>
<p>Sets the name of a file which contains the list of user
groups for user authentication. Filename can be either
absolute or relative to the <c>server_root</c>. If you use the plain
storage method, the group file is a plain text file, where
each line contains a group name followed by a colon, followed
by the member user names separated by spaces. For example:
<code>group1: bob joe ante</code>
If using the dets storage method, the group database is
maintained by dets and should not be edited by hand. Use the
API for mod_auth module to create / edit the group database.
This directive is ignored if using the mnesia storage method.
For security reasons, make sure that the <c>auth_group_file</c> is
stored outside the document tree of the Web server. If it is
placed in the directory which it protects, clients will be
able to download it. </p>
</item>
<marker id="prop_auth_name"></marker>
<tag>{auth_name, string()}</tag>
<item>
<p>Sets the name of the authorization realm (auth-domain) for
a directory. This string informs the client about which user
name and password to use. </p>
</item>
<marker id="prop_auth_access_passwd"></marker>
<tag>{auth_access_password, string()}</tag>
<item>
<p>If set to other than "NoPassword" the password is required
for all API calls. If the password is set to "DummyPassword" the
password must be changed before any other API calls. To secure
the authenticating data the password must be changed after the
web server is started since it otherwise is written in clear
text in the configuration file. </p>
</item>
<marker id="prop_req_user"></marker>
<tag>{require_user, [string()]}</tag>
<item>
<p>Defines users which should be granted access to a given
directory using a secret password. </p>
</item>
<marker id="prop_req_grp"></marker>
<tag>{require_group, [string()]}</tag>
<item>
<p>Defines users which should be granted access to a given
directory using a secret password. </p>
</item>
</taglist>
<marker id="props_htaccess"></marker>
<p><em>Htaccess authentication properties - requires mod_htaccess</em></p>
<taglist>
<marker id="prop_access_files"></marker>
<tag>{access_files, [path()]}</tag>
<item>
<p>Specify which filenames that are used for
access-files. When a request comes every directory in the path
to the requested asset will be searched after files with the
names specified by this parameter. If such a file is found the
file will be parsed and the restrictions specified in it will
be applied to the request. </p>
</item>
</taglist>
<marker id="props_sec"></marker>
<p><em>Security properties - requires mod_security </em></p>
<marker id="prop_sec_dir"></marker>
<p><em>{security_directory, {path(), [{property(), term()}]}}</em></p>
<marker id="props_sdir"></marker>
<p>Here follows the valid properties for security directories</p>
<taglist>
<marker id="prop_data_file"></marker>
<tag>{data_file, path()}</tag>
<item>
<p>Name of the security data file. The filename can either
absolute or relative to the server_root. This file is used to
store persistent data for the mod_security module. </p>
</item>
<marker id="prop_max_retries"></marker>
<tag>{max_retries, integer()}</tag>
<item>
<p>Specifies the maximum number of tries to authenticate a
user has before the user is blocked out. If a user
successfully authenticates when the user has been blocked, the
user will receive a 403 (Forbidden) response from the
server. If the user makes a failed attempt while blocked the
server will return 401 (Unauthorized), for security
reasons.
Defaults to 3 may also be set to infinity. </p>
</item>
<marker id="prop_block_time"></marker>
<tag>{block_time, integer()}</tag>
<item>
<p>Specifies the number of minutes a user is blocked. After
this amount of time, he automatically regains access.
Defaults to 60. </p>
</item>
<marker id="prop_fail_exp_time"></marker>
<tag>{fail_expire_time, integer()}</tag>
<item>
<p>Specifies the number of minutes a failed user authentication
is remembered. If a user authenticates after this amount of
time, his previous failed authentications are
forgotten.
Defaults to 30. </p>
</item>
<marker id="prop_auth_timeout"></marker>
<tag>{auth_timeout, integer()}</tag>
<item>
Specifies the number of seconds a successful user
authentication is remembered. After this time has passed, the
authentication will no longer be reported. Defaults to 30.
</item>
</taglist>
</section>
<funcs>
<func>
<marker id="info1"></marker>
<name>info(Pid) -></name>
<name>info(Pid, Properties) -> [{Option, Value}]</name>
<fsummary>Fetches information about the HTTP server</fsummary>
<type>
<v>Properties = [property()]</v>
<v>Option = property()</v>
<v>Value = term()</v>
</type>
<desc>
<p>Fetches information about the HTTP server. When called
with only the pid all properties are fetched, when called
with a list of specific properties they are fetched.
Available properties are the same as the server's start options.
</p>
<note><p>Pid is the pid returned from inets:start/[2,3].
Can also be retrieved form inets:services/0, inets:services_info/0
see <seealso marker="inets">inets(3)</seealso>
</p></note>
</desc>
</func>
<func>
<marker id="info2"></marker>
<name>info(Address, Port) -> </name>
<name>info(Address, Port, Properties) -> [{Option, Value}] </name>
<fsummary>Fetches information about the HTTP server</fsummary>
<type>
<v>Address = ip_address()</v>
<v>Port = integer()</v>
<v>Properties = [property()]</v>
<v>Option = property()</v>
<v>Value = term()</v>
</type>
<desc>
<p>Fetches information about the HTTP server. When called with
only the Address and Port all properties are fetched, when
called with a list of specific properties they are fetched.
Available properties are the same as the server's start
options.
</p>
<note><p> Address has to be the ip-address and can not be
the hostname.
</p></note>
</desc>
</func>
<func>
<marker id="reload_config"></marker>
<name>reload_config(Config, Mode) -> ok | {error, Reason}</name>
<fsummary>Reloads the HTTP server configuration without
restarting the server.</fsummary>
<type>
<v>Config = path() | [{Option, Value}]</v>
<v>Option = property()</v>
<v>Value = term()</v>
<v>Mode = non_disturbing | disturbing</v>
</type>
<desc>
<p>Reloads the HTTP server configuration without restarting the
server. Incoming requests will be answered with a temporary
down message during the time the it takes to reload.</p>
<note><p>Available properties are the same as the server's
start options, although the properties bind_address and
port can not be changed.</p></note>
<p>If mode is disturbing, the server is blocked forcefully and
all ongoing requests are terminated and the reload will
start immediately. If mode is non-disturbing, no new
connections are accepted, but the ongoing requests are
allowed to complete before the reload is done.</p>
</desc>
</func>
</funcs>
<section>
<title>ERLANG WEB SERVER API DATA TYPES </title>
<code type="none">
ModData = #mod{}
-record(mod, {
data = [],
socket_type = ip_comm,
socket,
config_db,
method,
absolute_uri,
request_uri,
http_version,
request_line,
parsed_header = [],
entity_body,
connection
}).
</code>
<p>To acess the record in your callback-module use </p>
<code> -include_lib("inets/include/httpd.hrl"). </code>
<p>The fields of the <c>mod</c> record has the following meaning:
</p>
<taglist>
<tag><c>data</c></tag>
<item>Type <c>[{InteractionKey,InteractionValue}]</c> is used to
propagate data between modules. Depicted
<c>interaction_data()</c> in function type declarations.
</item>
<tag><c>socket_type</c></tag>
<item><c>socket_type()</c>,
Indicates whether it is an ip socket or a ssl socket.
</item>
<tag><c>socket</c></tag>
<item>The actual socket in <c>ip_comm</c> or <c>ssl</c> format
depending on the <c>socket_type</c>.
</item>
<tag><c>config_db</c></tag>
<item>The config file directives stored as key-value tuples in
an ETS-table. Depicted <c>config_db()</c> in function type
declarations.
</item>
<tag><c>method</c></tag>
<item>Type <c>"GET" | "POST" | "HEAD" | "TRACE"</c>, that is the
HTTP method.
</item>
<tag><c>absolute_uri</c></tag>
<item>If the request is a HTTP/1.1
request the URI might be in the absolute URI format. In that
case httpd will save the absolute URI in this field. An Example
of an absolute URI could
be<c>"http://ServerName:Part/cgi-bin/find.pl?person=jocke"</c></item>
<tag><c>request_uri</c></tag>
<item>The <c>Request-URI</c> as defined
in RFC 1945, for example <c>"/cgi-bin/find.pl?person=jocke"</c></item>
<tag><c>http_version</c></tag>
<item>The <c>HTTP</c> version of the
request, that is "HTTP/0.9", "HTTP/1.0", or "HTTP/1.1".
</item>
<tag><c>request_line</c></tag>
<item>The <c>Request-Line</c> as
defined in RFC 1945, for example <c>"GET /cgi-bin/find.pl?person=jocke HTTP/1.0"</c>.
</item>
<tag><c>parsed_header</c></tag>
<item>Type <c>[{HeaderKey,HeaderValue}]</c>,
<c>parsed_header</c> contains all HTTP header fields from the
HTTP-request stored in a list as key-value tuples. See RFC 2616
for a listing of all header fields. For example the date field
would be stored as: <c>{"date","Wed, 15 Oct 1997 14:35:17 GMT"} </c>.
RFC 2616 defines that HTTP is a case insensitive protocol and
the header fields may be in lower case or upper case. Httpd will
ensure that all header field names are in lower case.
</item>
<tag><c>entity_body</c></tag>
<item>The <c>Entity-Body</c> as defined
in RFC 2616, for example data sent from a CGI-script using the
POST method.
</item>
<tag><c>connection</c></tag>
<item><c>true | false</c> If set to true the connection to the
client is a persistent connection and will not be closed when
the request is served.</item>
</taglist>
</section>
<section>
<title>ERLANG WEB SERVER API CALLBACK FUNCTIONS</title>
</section>
<funcs>
<func>
<marker id="module_do"></marker>
<name>Module:do(ModData)-> {proceed, OldData} | {proceed, NewData} | {break, NewData} | done</name>
<fsummary>Called for each request to the Web server.</fsummary>
<type>
<v>OldData = list()</v>
<v>NewData = [{response,{StatusCode,Body}}] | [{response,{response,Head,Body}}] | [{response,{already_sent,Statuscode,Size}}] </v>
<v>StatusCode = integer()</v>
<v>Body = io_list() | nobody | {Fun, Arg}</v>
<v>Head = [HeaderOption]</v>
<v>HeaderOption = {Option, Value} | {code, StatusCode}</v>
<v>Option = accept_ranges | allow | cache_control | content_MD5 | content_encoding | content_language | content_length | content_location | content_range | content_type | date | etag | expires | last_modified | location | pragma | retry_after | server | trailer | transfer_encoding</v>
<v>Value = string()</v>
<v>Fun = fun( Arg ) -> sent| close | Body </v>
<v>Arg = [term()]</v>
</type>
<desc>
<p>When a valid request reaches httpd it calls <c>do/1</c> in
each module defined by the Modules configuration
option. The function may generate data for other modules
or a response that can be sent back to the client.</p>
<p>The field <c>data</c> in ModData is a list. This list will be
the list returned from the last call to
<c>do/1</c>.</p>
<p><c>Body</c> is the body of the http-response that will be
sent back to the client an appropriate header will be
appended to the message. <c>StatusCode</c> will be the
status code of the response see RFC2616 for the appropriate
values.</p>
<p><c>Head</c> is a key value list of HTTP header fields. The
server will construct a HTTP header from this data. See RFC
2616 for the appropriate value for each header field. If the
client is a HTTP/1.0 client then the server will filter the
list so that only HTTP/1.0 header fields will be sent back
to the client.</p>
<p>If <c>Body</c> is returned and equal to <c>{Fun,Arg}</c>,
the Web server will try <c>apply/2</c> on <c>Fun</c> with
<c>Arg</c> as argument and expect that the fun either
returns a list <c>(Body)</c> that is a HTTP-repsonse or the
atom sent if the HTTP-response is sent back to the
client. If close is returned from the fun something has gone
wrong and the server will signal this to the client by
closing the connection.</p>
</desc>
</func>
<func>
<marker id="module_load"></marker>
<name>Module:load(Line, AccIn)-> eof | ok | {ok, AccOut} | {ok, AccOut, {Option, Value}} | {ok, AccOut, [{Option, Value}]} | {error, Reason} </name>
<fsummary>Load is used to convert a line in a Apache like config
file to a <c>{Option, Value}</c> tuple.</fsummary>
<type>
<v>Line = string()</v>
<v>AccIn = [{Option, Value}]</v>
<v>AccOut = [{Option, Value}]</v>
<v>Option = property()</v>
<v>Value = term() </v>
<v>Reason = term()</v>
</type>
<desc>
<p>Load is used to convert a line in a Apache like
configuration file to a <c>{Option, Value}</c> tuple. Some
more complex configuration options such as <c>directory</c>
and <c>security_directory</c> will create an
accumulator.This function does only need clauses for the
options implemented by this particular callback module.
</p>
</desc>
</func>
<func>
<marker id="module_store"></marker>
<name>Module:store({Option, Value}, Config)-> {ok, {Option, NewValue}} | {error, Reason} </name>
<fsummary></fsummary>
<type>
<v>Line = string()</v>
<v>Option = property()</v>
<v>Config = [{Option, Value}]</v>
<v>Value = term() </v>
<v>Reason = term()</v>
</type>
<desc>
<p>This function is used to check the validity of the
configuration options before saving them in the internal
database. This function may also have a side effect
e.i. setup necessary extra resources implied by the
configuration option. It can also
resolve possible dependencies among
configuration options by changing the value of the option.
This function does only need clauses for the options
implemented by this particular callback module.</p>
</desc>
</func>
<func>
<marker id="module_remove"></marker>
<name>Module:remove(ConfigDB) -> ok | {error, Reason} </name>
<fsummary>Callback function that is called when the Web server is closed.</fsummary>
<type>
<v>ConfigDB = ets_table()</v>
<v>Reason = term()</v>
</type>
<desc>
<p>When httpd is shutdown it will try to execute
<c>remove/1</c> in each Erlang web server callback module. The
programmer may use this function to clean up resources
that may have been created in the store function.</p>
</desc>
</func>
</funcs>
<section>
<title>ERLANG WEB SERVER API HELP FUNCTIONS</title>
</section>
<funcs>
<func>
<marker id="parse_query"></marker>
<name>parse_query(QueryString) -> [{Key,Value}]</name>
<fsummary>Parse incoming data to <c>erl </c>and <c>eval </c>scripts.</fsummary>
<type>
<v>QueryString = string()</v>
<v>Key = string()</v>
<v>Value = string()</v>
</type>
<desc>
<p><c>parse_query/1</c> parses incoming data to <c>erl</c> and
<c>eval</c> scripts (See <seealso marker="mod_esi">mod_esi(3)</seealso>) as defined in the standard
URL format, that is '+' becomes 'space' and decoding of
hexadecimal characters (<c>%xx</c>).</p>
</desc>
</func>
</funcs>
<section>
<title>SEE ALSO</title>
<p>RFC 2616, <seealso marker="inets">inets(3)</seealso>,
<seealso marker="ssl:ssl">ssl(3)</seealso>
</p>
</section>
</erlref>
|