diff options
author | Yorhel <git@yorhel.nl> | 2017-12-26 13:23:40 +0100 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2017-12-26 13:23:46 +0100 |
commit | 0297bc628344618eecf773fc2f65c44b5f531cff (patch) | |
tree | 4731a73032ef4c1d215e29109a30afd71bfdfd46 /examples | |
parent | 2aee6b38815548cece7bc8c47f3947a2292f9eee (diff) |
TUWF::Request: Check for control characters on all client input
Seems much safer. I've not tested this patch as well as I'd like, I'll
do some more testing later to see if I broke something.
Diffstat (limited to 'examples')
-rw-r--r-- | examples/MyWebsite/InfoDump.pm | 30 |
1 files changed, 11 insertions, 19 deletions
diff --git a/examples/MyWebsite/InfoDump.pm b/examples/MyWebsite/InfoDump.pm index 27acebf..c6b1e2d 100644 --- a/examples/MyWebsite/InfoDump.pm +++ b/examples/MyWebsite/InfoDump.pm @@ -9,15 +9,7 @@ use warnings; use TUWF ':html'; -TUWF::register( - qr/info/ => \&info, - qr{info/forms} => \&forms, -); - - -sub info { - my $self = shift; - +TUWF::any ['get','post'], '/info' => sub { my $tr = sub { Tr; td shift; td shift; end }; html; @@ -38,45 +30,45 @@ sub info { h2 'GET Parameters'; table; thead; Tr; td 'Name'; td 'Value'; end; end; - $tr->($_, join "\n---\n", $self->reqGet($_)) for ($self->reqGets()); + $tr->($_, join "\n---\n", tuwf->reqGet($_)) for (tuwf->reqGets); end; h2 'POST Parameters'; table; thead; Tr; td 'Name'; td 'Value'; end; end; - $tr->($_, join "\n---\n", $self->reqPost($_)) for ($self->reqPosts()); + $tr->($_, join "\n---\n", tuwf->reqPost($_)) for (tuwf->reqPosts); end; h2 'Uploaded files'; table; thead; Tr; td 'Name'; td 'File size - File name - Mime type'; end; end; - $tr->($_, length($self->reqUploadRaw($_)).' - '.$self->reqPost($_).' - '.$self->reqUploadMIME($_)) for ($self->reqUploadMIMEs()); + $tr->($_, length(tuwf->reqUploadRaw($_)).' - '.tuwf->reqPost($_).' - '.tuwf->reqUploadMIME($_)) for (tuwf->reqUploadMIMEs); end; h2 'HTTP Headers'; table; thead; Tr; td 'Header'; td 'Value'; end; end; - $tr->($_, $self->reqHeader($_)) for ($self->reqHeader()); + $tr->($_, tuwf->reqHeader($_)) for (tuwf->reqHeader); end; h2 'HTTP Cookies'; table; thead; Tr; td 'Cookie'; td 'Value'; end; end; - $tr->($_, $self->reqCookie($_)) for ($self->reqCookie()); + $tr->($_, tuwf->reqCookie($_)) for (tuwf->reqCookie); end; h2 'Misc. request functions'; table; thead; Tr; td 'Function'; td 'Return value'; end; end; - $tr->($_, eval "\$self->$_;") for(qw{ - reqMethod() reqPath() reqBaseURI() reqURI() reqHost() reqIP() + $tr->($_, tuwf->$_) for(qw{ + reqProtocol reqMethod reqPath reqBaseURI reqURI reqQuery reqHost reqIP }); end; end; -} +}; -sub forms { +TUWF::get '/info/forms' => sub { html; body; h1 'Forms for generating some input for /info'; @@ -125,7 +117,7 @@ sub forms { end; end; -} +}; 1; |