#!/bin/sh
# ~jhs/public_html/bin/cgi/printenv_jhs.sh
# http://www.berklix.com/~jhs/bin/cgi/printenv_jhs.sh by jhs@
# Manually do this on live public servers:
#	cd /usr/local/www
#	ls
#	echo "Assume this has been done: ls -l . apache2."
#	cd cgi-bin
#	ls -l printenv*
#	mv printenv.test.distrib
#	cp ~jhs/public_html/bin/cgi/printenv_jhs.sh printenv
#	chown root:wheel printenv ; chmod a+rx printenv
# Inspired by comment in apache-2.4

#	#!/usr/local/bin/perl
#	# To permit this cgi, replace # on the first line above with the
#	# appropriate #!/path/to/perl shebang, and on Unix / Linux also
#	# set this script executable with chmod 755.
#	# ***** !!! WARNING !!! *****
#	# This script echoes the server environment variables and therefore
#	# leaks information - so NEVER use it in a live server environment!
#	# It is provided only for testing purpose.
#	# Also note that it is subject to cross site scripting attacks on
#	# MS IE and any other browser which fails to honor RFC2616.
#	## printenv -- demo CGI program which just prints its environment
#	use strict;
#	use warnings;
#	print "Content-type: text/plain; charset=iso-8859-1\n\n";
#	foreach my $var (sort(keys(%ENV))) {
#		my $val = $ENV{$var};
#		$val =~ s|\n|\\n|g;
#		$val =~ s|"|\\"|g;
#		print "${var}=\"${val}\"\n";
#	}

# CONTEXT_PREFIX on 12.1-p3 not on 10.3-STABLE			From Server
# DOCUMENT_ROOT							REL=9.2-RELEASE
# GATEWAY_INTERFACE	CGI/1.1				REL=9.2-RELEASE
# HTTP_ACCEPT							From Client
# HTTP_ACCEPT_ENCODING						From Server
# HTTP_ACCEPT_LANGUAGE						From Client
# HTTP_CACHE_CONTROL	Not shown by lynx on client=server	?
# HTTP_CONNECTION						REL=9.2-RELEASE
# HTTP_HOST		www1.berklix.net & www2.berklix.net	From Server
# HTTP_REFERER		http://www.berklix.net/			From Server
# HTTP_USER_AGENT which browser					From Client
# HTTP_VIA	1.0 REL=9.2-RELEASE, 1.1 www.berklix.net Not shown on Android	From Client
# LD_LIBRARY_PATH	on 12.1-p3 not on 10.3-STABLE
# PATH 			may also contain initials of owner of server From Server
# PWD 			is blocked to avoid giving a cracker a clue.
# QUERY_STRING							From ?
# REMOTE_ADDR 		IP no. of client's router.		From Client
# REMOTE_HOST		land.berklix.org
# REMOTE_PORT= > 1024 Presumably from router to server on 80	From Client
# REQUEST_METHOD	GET http://developer.mozilla.org/en-US/docs/Web/HTTP/Methods	From Client
# REQUEST_SCHEME	http					?
# REQUEST_URI		"/cgi-bin/printenv"			REL=9.2-RELEASE
# SCRIPT_FILENAME	"/usr/local/www/cgi-bin/printenv"	REL=9.2-RELEASE
# SCRIPT_NAME		"/cgi-bin/printenv"			REL=9.2-RELEASE
# SERVER_ADDR= 94.185.90.68=slim.berklix.org 144.76.10.75=land.berklix.org		From Server
# SERVER_ADMIN	"webmaster@berklix.net"				REL=9.2-RELEASE
# SERVER_NAME	www2.berklix.net					From Server
# SERVER_PORT	80 Client knows to send to 80. Server replies from 80.	From -
# SERVER_PROTOCOL	HTTP/1.1	REL=9.2-RELEASE 1.0	{ LAND MART SLIM }
# SERVER_SIGNATURE what is this ? blocked to avoid advertising if empty.
# SERVER_SOFTWARE	"Apache/1.3.41 (Unix)"			REL=9.2-RELEASE
# TZ=Europe/Berlin I will ask UK to report what they see.	From ?

# A new printenv blocking some things a cracker might exploit.
printf "Content-type: text/plain; charset=iso-8859-1\n\n"
# for i in `printenv | sort`
printenv | sort \
	| grep -v DOCUMENT_ROOT \
	| grep -v GATEWAY_INTERFACE \
	| grep -v HTTP_CACHE_CONTROL \
	| grep -v HTTP_CONNECTION \
	| grep -v HTTP_DNT \
	| grep -v HTTP_UPGRADE_INSECURE_REQUESTS \
	| grep -v LD_LIBRARY_PATH= \
	| grep -v ONTEXT_PREFIX \
	| grep -v PATH \
	| grep -v PWD \
	| grep -v REQUEST_URI \
	| grep -v SCRIPT_FILENAME \
	| grep -v SCRIPT_NAME \
	| grep -v SERVER_ADMIN \
	| grep -v SERVER_SIGNATURE \
	| grep -v SERVER_SOFTWARE \
	| grep -v UNIQUE_ID