Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <rosuav@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.000
X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'python,': 0.02; 'django.': 0.05; 'executable': 0.07; 'subject:Error': 0.07; 'ignoring': 0.09; 'php,': 0.09; 'subject:using': 0.09; 'url:localhost': 0.09; 'cc:addr:python-list': 0.10; 'python': 0.11; 'output': 0.15; 'thu,': 0.15; '404': 0.16; 'as-is': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'subject:when': 0.16; 'url:filename': 0.16; 'url:py': 0.16; 'worst': 0.16; 'wrote:': 0.16; 'frameworks': 0.18; 'windows': 0.20; 'cc:2**0': 0.21; 'cc:addr:python.org': 0.21; 'trying': 0.22; 'css,': 0.22; 'am,': 0.23; 'defined': 0.23; '2015': 0.23; 'header:In-Reply-To:1': 0.24; 'script': 0.25; 'error': 0.27; 'define': 0.27; 'found.': 0.27; 'message-id:@mail.gmail.com': 0.28; "i'm": 0.29; '(it': 0.29; 'cgi': 0.29; 'running.': 0.29; 'url:non-standard http port': 0.31; 'entry': 0.31; 'code': 0.31; 'run': 0.32; 'gets': 0.32; 'up.': 0.32; 'system,': 0.32; 'computer.': 0.32; 'running': 0.34; 'file': 0.34; 'server': 0.34; 'received:google.com': 0.34; 'remote': 0.35; 'but': 0.36; 'serve': 0.36; 'there': 0.36; 'depends': 0.36; 'urls': 0.36; 'should': 0.37; 'subject:: ': 0.37; "won't": 0.38; 'positive': 0.38; 'files': 0.38; 'does': 0.39; 'where': 0.40; 'your': 0.60; 'simple': 0.61; 'avoid': 0.61; 'chrisa': 0.84; 'execution;': 0.84; 'to:none': 0.90; 'browser:': 0.91; 'subject:Server': 0.91
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=BjS0Ue6wzSoV3kP6T9psymMVor6w/7g/HSCeYE/00A8=; b=GAkc9LdB7geOr8bV2uN36rhnfDQtj+9qHmmN7Sp2jy5h4Xx7EtwDIuDoaux5XE4+E5 vjHUkmul8Ds+VjBSqJlU0TXgEBA6Jcq1oL/pu7lvDqeIkmIe8xwbltudoQH4nsLmmzex rB0WNz7ZZLXlILUghupVM4+WBE1E4g5yaq+lPQaQthbu0NiHoOwkyMeTEmy6m1yEpoOn PYb6cdpMBjBRR+K6r/VemwmqonVfT6yDcfMg9uimK6zn5GkPp+aPsXtz02GiIrLMBb4i ERMeRYyTGF7fZU3iRFPOGeGTVlCLFNyncsEcMnHRdYhz7GiyUv7r5u92AtR237PQM1WV 990Q==
MIME-Version: 1.0
X-Received: by 10.50.43.196 with SMTP id y4mr2917763igl.14.1435226541350; Thu, 25 Jun 2015 03:02:21 -0700 (PDT)
In-Reply-To: <CAKDUBcvmfCy45r+Nx+1a7=O3apZLnMTC8V98kOmTmoJnr6=L9A@mail.gmail.com>
References: <CAKDUBcvmfCy45r+Nx+1a7=O3apZLnMTC8V98kOmTmoJnr6=L9A@mail.gmail.com>
Date: Thu, 25 Jun 2015 20:02:21 +1000
Subject: Re: 404 Error when using local CGI Server
From: Chris Angelico <rosuav@gmail.com>
Cc: "python-list@python.org" <python-list@python.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.20+
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.53.1435226544.3674.python-list@python.org>
Lines: 22
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1435226544 news.xs4all.nl 2965 [2001:888:2000:d::a6]:44024
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:93127

On Thu, Jun 25, 2015 at 3:48 AM, Charles Carr <chcarr@sas.upenn.edu> wrote:
> I am running a local cgi server from python on a windows 7 computer.
> Whenever I try to serve the output of a cgi file by entering the following
> into my browser: http://localhost:8080/filename.py , I get a 404 error
> message that the file was not found. I'm positive that the files I am trying
> to serve are in the same directory as the server script that is running. Are
> there any tips as to where I should save my files in order to avoid this
> error?

It depends entirely on how your server is set up. What I would
recommend is completely ignoring the file system, and designing a web
site using one of the frameworks that are available for Python, such
as Flask or Django. Your URLs are defined in your code; you can have a
'static' directory from which simple files (images, CSS, etc) get
served, but the file system does not define executable entry points.
This avoids the *massive* problems of PHP, where an attacker can
upgrade a file delivery exploit into remote code execution; the worst
that can happen with Python+Flask+static is that the file gets
uploaded into static/ and is then available as-is for download (it
won't be run on the server).

ChrisA