The "/ext" page:
Relay an HTTP request to secondary CGI after first checking the
login credentials and setting auxiliary environment variables
so that the secondary CGI can be aware of the credentials and
capabilities of the Fossil user.
The /ext page is only functional if the "extroot: DIR" setting is
found in the CGI script that launched Fossil, or if the "--extroot DIR"
flag is present when Fossil is lauched using the "server", "ui", or
"http" commands. DIR must be an absolute pathname (relative to the
chroot jail) of the root of the file hierarchy that implements the CGI
functionality. Executable files are CGI. Non-executable files are
The path after the /ext is the path to the CGI script or static file
relative to DIR. For security, this path may not contain characters
other than ASCII letters or digits, ".", "-", "/", and "_". If the
"." or "-" characters are present in the path then they may not follow
If the path after /ext ends with "/" and is the name of a directory then
that directory is searched for files named "index.html", "index.wiki",
and "index.md" (in that order) and if found, those filenames are
appended to the path.