General Description on URL

 


Description

All URLs use the GET method in the HTTP transaction. There are two URL types, Type 1 URL and Type 2 URL, supported in the CGI. These two types of URLs share the same URL commands. In Type1 URL, the user account and password are carried in the first two URL commands. In Type2 URL, is the user account and password are not in the URL. It needs to have extra HTTP authentication first. To distinguish these two types of URLs, the different CGI program path is used.

Important Note

The & is the reserved character in URL to link two URLs. If the & is in the input argument of an URL, the firmware will treat two URL commands.
Example 1: URL1=abc&URL2=def
In this example, the firmware gets two URL commands. The first one is URL1=abc and the second one is URL2=def.
Example 2: URL1=abc&def
In this example, the firmware gets two URL commands again. The first one is URL1=adc and the second on is def.

So, the & has to be not in the input argument of a URL command.

CGI Path

The CGI program path was defined in the firmware and not changeable. In type 1 URL, the CGI path is the /cgi-bin/. In type 2 URL, the CGI path is the /cgi-bin/cmd/
For example, the URL Command in system CGI for type 1 URL is

http://ip:port/cgi-bin/system?USER=xxxx&PWD=xxxx&CMD

the URL command in system CGI for type 2 URL is

http://ip:port/cgi-bin/cmd/system?CMD

Format of URL

Type1 URL

In the first type, it is not secure URL because people could get the account and password easily by sniffing the network. However, it is very simple, all CGIs support this type URL currently. For security consideration, this type URL might be removed from all CGIs in the future. The format of the URL looks like

http://ip:port/cgi-bin/CGI?USER=admin&PWD=123456&CMD1=VALUE1&CMD2

where
ip: the device IPv4 address
port: the device's HTTP port. If it is 80, the port could be omitted
CGI: CGI Program like system, mpeg4, encoder, update ,....
CMD1=VALUE1 : a write command to set the VALUE1 to device's configuration associated with CMD1
CMD2 : a read command to get the device's configuration associated with CMD2

You could find two successive URLs are connected by the symbol "& and the USER and PWD carried the user name and password in plain text as the part of URL command.

Note that except the USER, PWD and CHANNEL commands, the error in the URL will not stop processing the rest of URLs but the error message will be returned if there are many URLs in a single URL command.

Here is the dump of the content of an URL with Microsoft Internet Explorer 7 for reference. This URL is

http://172.16.3.53/cgi-bin/system?USER=Admin&PWD=123456&WAN_TYPE

ASCII Format

GET /cgi-bin/system?USER=Admin&PWD=123456&WAN_TYPE HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-tw
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)
Host: 172.16.3.56
Connection: Keep-Alive

Hex Dump Format

ASCII Format

HTTP/1.0 200 OK
Content-type: text/plain

WAN_TYPE='1'

Hex Dump Format

Type2 URL

In the second type, it is more secure URL because the account and password has to be encrypted in the HTTP transaction. Not all CGIs support this type of URL. The system, mpeg4, encoder and decoder CGIs supports this. For security consideration, this type might be available to all CGIs in the future. The format of the URL looks like

http://ip:port/cgi-bin/cmd/CGI?CMD1=VALUE1&CMD2

where
the usage is very similar to the Type1 URL except the path of CGI program is different.

Once you applied the URL, the login prompt window will be shown. You need to enter the account and password in the window to go further.

Here is the dump of the content of an URL with Microsoft Internet Explorer 7 for reference. This URL is

http://172.16.3.53/cgi-bin/cmd/system?WAN_TYPE

The host sends the URL without any account information to the device.

ASCII format

GET /cgi-bin/cmd/system?WAN_TYPE HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-tw
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)
Host: 172.16.3.56
Connection: Keep-Alive

Hex Dump Format

The device reply the Unauthorized message and prompt the logon window.

ASCII Format

HTTP/1.1 401 Unauthorized
Server: thttpd/2.25b 29dec2003
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 26 Dec 2007 10:57:41 GMT
Last-Modified: Wed, 26 Dec 2007 10:57:41 GMT
Accept-Ranges: bytes
Connection: close
Cache-Control: no-cache,no-store
WWW-Authenticate: Basic realm="cgi-bin/cmd"

<HTML>
<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc">
<H2>401 Unauthorized</H2>
Authorization required for the URL '/cgi-bin/cmd/system?WAN_TYPE'.
<!--
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
-->
<HR>
<ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS>
</BODY>
</HTML>

Hex Dump Format

The host sends the URL with encrypted account information to the device.

ASCII Format

GET /cgi-bin/cmd/system?WAN_TYPE HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-tw
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)
Host: 172.16.3.56
Connection: Keep-Alive
Authorization: Basic QWRtaW46MTIzNDU2

Hex Dump Format

The device reply of the command

ASCII Format

HTTP/1.0 200 OK
Content-type: text/plain

WAN_TYPE='1'

Hex Dump Format

Note that the CHANNEL=n command will be ignored if the device is an one channel device.

URL in Multi-Channel Encoder

There are two levels of URL in a Multi-Channel Encoder device. The first level URL is for the Router and the second level URL is for the Video Server. To identify the level of URL, the CHANNEL command is used. The Router URL does not need to have CHANNEL command but the Video Server URL needs to use CHANNEL command.

Format of the Router URL

http://ip:port/cgi-bin/CGI?USER=Admin&PWD=123456&CMD1=VALUE1&CMD2
or
http://ip:port/cgi-bin/cmd/CGI?CMD1=VALUE1&CMD2

You could find these formats are the same as the general URL describe above.

Format of the Video Server URL

http://ip:port/cgi-bin/CGI?USER=Admin&PWD=123456&CHANNEL=n&CMD1=VALUE1&CMD2
or
http://ip:port/cgi-bin/cmd/CGI?CHANNEL=n&CMD1=VALUE1&CMD2
where n is the channel ID of the Video Server started from 1.

The CHANNEL command must follow the account command or be the first command in the URL.

URL in Quad Encoder or 2CH Video Server

There are two levels of the URL in a QUAD or 2CH Encoder device. The first level is the global URL and the second level is the channel level URL. To identify the level of URL, the CHANNEL command is used. The global URL does not need to have CHANNEL command but the channel URL needs to use CHANNEL command.

Format of the global URL

http://ip:port/cgi-bin/CGI?USER=Admin&PWD=123456&CMD1=VALUE1&CMD2
or
http://ip:port/cgi-bin/cmd/CGI?CMD1=VALUE1&CMD2
where
CGI: the CGI program. It could be system or quad.

Format of the channel URL

http://ip:port/cgi-bin/CGI?USER=Admin&PWD=123456&CHANNEL=n&CMD1=VALUE1&CMD2
or
http://ip:port/cgi-bin/cmd/CGI?CHANNEL=n&CMD1=VALUE1&CMD2
where n is the channel ID of the Video Server started from 1.

The CHANNEL command must follow the account command or be the first command in the URL.

Back to

HOME