Question

I noticed, that sometimes (especially where mod_rewrite is not available) this path scheme is used:

http://host/path/index.php/clean_url_here
--------------------------^

This seems to work, at least in Apache, where index.php is called, and one can query the /clean_url_here part via $_SERVER[ PATH_INFO ]. PHP even kind of advertises this feature. Also, e.g., the CodeIgniter framework uses this technique as default for their URLs.

The question: How reliable is the technique? Are there situations, where Apache doesn t call index.php but tries to resolve the path? What about lighttpd, nginx, IIS, AOLServer?

A ServerFault question? I think it s got more to do with using this feature inside PHP code. Therefore I ask here.

Addendum: As suggested by VolkerK, a reasonable extension to this question is: How can a programmer influence the existence of $_SERVER[ PATH_INFO ] on various server types?

Answer 1

I think this a question which is equally suited for stackoverflow and serverfault. E.g. I as a developer can only tell you that pathinfo is as trustworthy as any user-input (which means it can contain virtually anything) and your script may or may not receive it depending on the webserver version and configuration:

Apache: AcceptPathInfo
IIS: e.g. AllowPathInfoForScriptMappings and others
and so on and on...

But server admins possibly can tell you which settings you can expect "in the real world" and why those settings are preferred.
So the question becomes: How much influence do you (or the expected userbase) have on the server configuration.

Answer 2

AcceptPathInfo needs to be enabled in order to have this working.

Answer 3

From my experience I d say PATH_INFO is usually available in normal web hosting environments and server setups - even on IIS - but on rare occasions, it is not. When building an application that is supposed to be deployable on as many platforms as possible, I would not trust path_info on a hard-coded level.

Whenever I can, I try to build a wrapper function build_url() that, depending on a configuration setting, uses either

the raw URL www.example.com/index.php?clean_url=clean_url_here
the path_info mechanism www.example.com/index.php/clean_url
mod_rewrite www.example.com/clean_url

and use that in all URLs the application emits.

Answer 4

There might be naive scripts (auto-linking for example) that do not recognize this URL s format. Thereby decreasing the chance that links to your content will be created.
Since home-grown regular expression patterns are common for these tasks, the chance of failure is quite real.

Technically, those URLs are fine. SEO-wise, they are less perfect .

友情链接