You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Paul <yd...@yahoo.com> on 2002/11/12 22:52:43 UTC

syntax and sanity check?

I'm doing a 45 minute seminar at UAB tomorrow on mod_perl, and would be
very grateful if anyone would point out holes in this code before I try
to show it to a roomful of attendees:
========================================

#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# module for Apache/mod_perl PerlPostReadRequestHandler to redirect
#  users on the nonsecure port over to SSL (hopefully saving bookmarks)
#______________________________________________________________________
�
package Apache::PortCorrect;              # define the package space

use strict;                               # pragma for clean code
use Apache::Constants qw( :response );    # installed with mod_perl
�
sub handler {                                    # default methodname
    my($r) = @_;                                 # the request object
    return OK if 443 == $r->get_server_port;     # ok if already SSL
    my $uri = "https://myserver.com"             # DNS literal *
            . (split /\s+/, $r->the_request)[1]; # requested "page"
    $r->custom_response(MOVED,$uri);             # for re-request
    return MOVED;                                # page moved!
}
1; # guarantee return code for load

================================================================
and
================================================================

PerlPostReadRequestHandler +Apache::PortCorrect

================================================================

If someone is interested in seeing the rest of the presentation, I've
posted it at http://thesilentbard.com/ACM%20Seminar.ppt -- if you'd
care to post it online anywhere else, please let me know first, but
that's cool, too. Any corrections are welcome.

I know it isn't clean (I tried to make sure it fit on one slide and
didn't get too complicated for the topic, hence such non-portable
features as the DNS literal, etc), but suggestions are still very
welcome.

Thanks all,
Paul

__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2

Re: syntax and sanity check?

Posted by Geoffrey Young <ge...@modperlcookbook.org>.


Paul wrote:
> I'm doing a 45 minute seminar at UAB tomorrow on mod_perl, and would be
> very grateful if anyone would point out holes in this code before I try
> to show it to a roomful of attendees:
> ========================================
> 
> #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> # module for Apache/mod_perl PerlPostReadRequestHandler to redirect
> #  users on the nonsecure port over to SSL (hopefully saving bookmarks)
> #______________________________________________________________________
>  
> package Apache::PortCorrect;              # define the package space
> 
> use strict;                               # pragma for clean code
> use Apache::Constants qw( :response );    # installed with mod_perl
>  
> sub handler {                                    # default methodname
>     my($r) = @_;                                 # the request object
>     return OK if 443 == $r->get_server_port;     # ok if already SSL

the best way to check for whether you're using SSL is by checking 
$r->subprocess_env('HTTPS') rather than the port.  see the archives 
for why.

>     my $uri = "https://myserver.com"             # DNS literal *
>             . (split /\s+/, $r->the_request)[1]; # requested "page"

how about $r->uri instead of $r->the_request?  actually, since there's 
sometimes more involved in the request, like the port and query 
string, the right way to change a URI scheme is really

my $uri = Apache::URI->parse($r);
$uri->scheme('https');
my $new_uri = $uri->unparse;

you can see
http://www.modperlcookbook.org/code/ch04/Cookbook/SSLStatus.pm
or recipes 5.3 and 5.4 in the cookbook for a few more examples of 
Apache::URI, and 5.4 shows $r->subprocess_env('HTTPS') (with some 
errata in the code in the first edition, unfortunately).


>     $r->custom_response(MOVED,$uri);             # for re-request
>     return MOVED;                                # page moved!

you can certainly do that, but most people just use a redirect here.

so... i'd probably end up with something like

package Apache::RedirectToSSL;

use strict;
use Apache::Constants qw( OK REDIRECT );
use Apache::URI;

sub handler {

   my $r = shift;

   return OK if $r->subprocess_env('HTTPS');

   my $uri = Apache::URI->parse($r);
   $uri->scheme('https');

   $r->headers_out->set(Location => $uri->unparse);
   return REDIRECT;
}
1;

but that's just me :)

> 
> If someone is interested in seeing the rest of the presentation, I've
> posted it at http://thesilentbard.com/ACM%20Seminar.ppt -- if you'd
> care to post it online anywhere else, please let me know first, but
> that's cool, too. Any corrections are welcome.

I didn't have the chance to take a look, but it's nice to see people 
promoting mod_perl in as many places as possible :)

> 
> I know it isn't clean (I tried to make sure it fit on one slide and
> didn't get too complicated for the topic, hence such non-portable
> features as the DNS literal, etc), but suggestions are still very
> welcome.
> 

right, that's always the problem with presentations, and it usually 
comes down to a decision between overwhelming your audience with 
details and getting the main point across (even if that point isn't 
the whole truth, best way, etc...).

good luck.

--Geoff