authorGuenter Knauf <fuankg@apache.org>2012-12-17 21:44:32 +0000
committerGuenter Knauf <fuankg@apache.org>2012-12-17 21:44:32 +0000
commitf1e3cd4568591963d19220359f18f1a12c61b248 (patch)
tree5bb08a69527b43dd87311bcd670dc6bb2490a3dc /docs/cgi-examples
parent81f9d80b1ff562ea803fdd488a20f9626fcc9abd (diff)
Added a warning that these scripts leak information.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1423166 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/cgi-examples')
-rw-r--r--docs/cgi-examples/printenv9
-rw-r--r--docs/cgi-examples/printenv.vbs9
-rw-r--r--docs/cgi-examples/printenv.wsf9
-rw-r--r--docs/cgi-examples/test-cgi9
4 files changed, 24 insertions, 12 deletions
diff --git a/docs/cgi-examples/printenv b/docs/cgi-examples/printenv
index fca6f8a435..5b5035e268 100644
--- a/docs/cgi-examples/printenv
+++ b/docs/cgi-examples/printenv
@@ -4,9 +4,12 @@
# appropriate #!/path/to/perl shebang, and on Unix / Linux also
# set this script executable with chmod 755.
#
-# Note that it is subject to cross site scripting attacks on MS IE
-# and any other browser which fails to honor RFC2616, so never use
-# it in a live server environment, it is provided only for testing.
+# ***** !!! WARNING !!! *****
+# This script echoes the server environment variables and therefore
+# leaks information - so NEVER use it in a live server environment!
+# It is provided only for testing purpose.
+# Also note that it is subject to cross site scripting attacks on
+# MS IE and any other browser which fails to honor RFC2616.
##
## printenv -- demo CGI program which just prints its environment
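Review bot: The warning added to the header comment says the script "leaks information" without saying what is exposed, so an administrator reading it cannot judge the risk. Since the script prints its whole CGI environment, a follow-on line such as `# (e.g. filesystem paths, server software and version, and any value passed in via SetEnv/PassEnv)` would make the exposure concrete. The fourth added line should also read `# It is provided only for testing purposes.`. The same text is repeated in the printenv.vbs, printenv.wsf and test-cgi hunks, so both changes apply there too. The script body lies outside the hunk, so the exact set of variables printed should be confirmed against it.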
diff --git a/docs/cgi-examples/printenv.vbs b/docs/cgi-examples/printenv.vbs
index ba8bcbc0ac..9336d43263 100644
--- a/docs/cgi-examples/printenv.vbs
+++ b/docs/cgi-examples/printenv.vbs
@@ -3,9 +3,12 @@
' To permit this cgi, replace ' on the first line above with the
' appropriate shebang, f.e. '!c:/windows/system32/cscript -nologo
'
-' Note that it is subject to cross site scripting attacks on MS IE
-' and any other browser which fails to honor RFC2616, so never use
-' it in a live server environment, it is provided only for testing.
+' ***** !!! WARNING !!! *****
+' This script echoes the server environment variables and therefore
+' leaks information - so NEVER use it in a live server environment!
+' It is provided only for testing purpose.
+' Also note that it is subject to cross site scripting attacks on
+' MS IE and any other browser which fails to honor RFC2616.
''
'' printenv -- demo CGI program which just prints its environment
diff --git a/docs/cgi-examples/printenv.wsf b/docs/cgi-examples/printenv.wsf
index c70b9a65c5..d982eac21f 100644
--- a/docs/cgi-examples/printenv.wsf
+++ b/docs/cgi-examples/printenv.wsf
@@ -3,9 +3,12 @@
' To permit this cgi, replace ' on the first line above with the
' appropriate shebang, f.e. '!c:/windows/system32/cscript -nologo
'
-' Note that it is subject to cross site scripting attacks on MS IE
-' and any other browser which fails to honor RFC2616, so never use
-' it in a live server environment, it is provided only for testing.
+' ***** !!! WARNING !!! *****
+' This script echoes the server environment variables and therefore
+' leaks information - so NEVER use it in a live server environment!
+' It is provided only for testing purpose.
+' Also note that it is subject to cross site scripting attacks on
+' MS IE and any other browser which fails to honor RFC2616.
''
'' printenv -- demo CGI program which just prints its environment
diff --git a/docs/cgi-examples/test-cgi b/docs/cgi-examples/test-cgi
index d92e0eccf8..eb80f3e4db 100644
--- a/docs/cgi-examples/test-cgi
+++ b/docs/cgi-examples/test-cgi
@@ -4,9 +4,12 @@
# appropriate #!/path/to/sh shebang, and set this script executable
# with chmod 755.
#
-# Note that it is subject to cross site scripting attacks on MS IE
-# and any other browser which fails to honor RFC2616, so never use
-# it in a live server environment, it is provided only for testing.
+# ***** !!! WARNING !!! *****
+# This script echoes the server environment variables and therefore
+# leaks information - so NEVER use it in a live server environment!
+# It is provided only for testing purpose.
+# Also note that it is subject to cross site scripting attacks on
+# MS IE and any other browser which fails to honor RFC2616.
# disable filename globbing
set -f