1CGI::Application::PlugiUns:e:rReCqounitrreiSbSuLt(e3d)PCeGrIl::DAopcpulmiecnattaitoino:n:Plugin::RequireSSL(3)
2
3
4
6 CGI::Application::Plugin::RequireSSL - Force SSL in specified pages or
7 modules
8
10 Version 0.04
11
13 use CGI::Application::Plugin::RequireSSL;
14
15 sub login_form :RequireSSL {
16 my $self = shift;
17 # etc
18 }
19
21 CGI::Application::Plugin::RequireSSL allows individual run modes or
22 whole modules to be protected by SSL. If a standard HTTP request is
23 received, you can specify whether an error is raised or if the request
24 should be redirected to the HTTPS equivalent URL.
25
27 Exported methods:
28 config_requiressl, mode_redirect
29
31 run mode-level protection
32 run mode protection is specified by the RequireSSL attribute after the
33 method name:
34
35 sub process_login :RequireSSL {
36 my $self = shift;
37 }
38
39 Module-level protection
40 You can protect a complete module by setting the 'require_ssl'
41 parameter in your instance script:
42
43 use MyApp;
44 my $webapp = MyApp->new(
45 PARAMS => {require_ssl => 1}
46 );
47 $webapp->run();
48
49 Redirecting to a protected URL.
50 By default, an error is raised if a request is made to a protected run
51 mode or module using HTTP. However, you can specify that the request is
52 redirected to the HTTPS url by setting the rewrite_to_ssl parameter as
53 long as the requested method is not POST:
54
55 my $webapp = MyApp->new(
56 PARAMS => {rewrite_to_ssl => 1}
57 );
58
59 Turning off checks.
60 If you need to turn off checks, simply set the ignore_check parameter
61 when configuring the plugin (see "config_requiressl" below).
62
63 Reverting to HTTP
64 Once a successful request is made to a protected run mode or module,
65 subsequent requests to a non-protected run mode or module will revert
66 to using HTTP. To prevent this from happening, set the parameter
67 keep_in_ssl in the configuration (see "config_requiressl" below)
68
70 config_requiressl
71 Optionally configure the plugin in your cgiapp_init method
72
73 $self->config_requiressl(
74 keep_in_ssl => 0,
75 ignore_check => 0,
76 )
77
78 Valid parameters are:
79
80 · keep_in_ssl - if set, all subsequent requests following one to a
81 protected run mode or module will be via HTTPS.
82
83 · ignore_check - ignore SSL schecking. This is useful if your
84 application is deployed in an environment that doesn't support SSL.
85
86 mode_redirect
87 This is a run mode that will be automatically called if the request
88 should be redirected to the equivalent HTTP or HTTPS URL. You should
89 not call it directly.
90
92 Dan Horne, "<dhorne at cpan.org>"
93
95 Please report any bugs or feature requests to
96 "bug-cgi-application-plugin-requiressl at rt.cpan.org", or through the
97 web interface at
98 <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=CGI-Application-Plugin-RequireSSL>.
99 I will be notified, and then you'll automatically be notified of
100 progress on your bug as I make changes.
101
103 This module been tested under the FastCGI persistent environment, but
104 not under mod_perl. The author would apprecaute feedback from anyone
105 who is able to test with that environment.
106
108 You can find documentation for this module with the perldoc command.
109
110 perldoc CGI::Application::Plugin::RequireSSL
111
112 You can also look for information at:
113
114 · AnnoCPAN: Annotated CPAN documentation
115
116 <http://annocpan.org/dist/CGI-Application-Plugin-RequireSSL>
117
118 · CPAN Ratings
119
120 <http://cpanratings.perl.org/d/CGI-Application-Plugin-RequireSSL>
121
122 · RT: CPAN's request tracker
123
124 <http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Application-Plugin-RequireSSL>
125
126 · Search CPAN
127
128 <http://search.cpan.org/dist/CGI-Application-Plugin-RequireSSL>
129
131 · Users of the CGI::Application wiki (http://www.cgi-app.org) who
132 requested this module.
133
134 · Andy Grundman - I stole the idea of the keep_in_ssl parameter from
135 his Catalyst::Plugin::RequireSSL module
136
138 Copyright 2007 Dan Horne, all rights reserved.
139
140 This program is free software; you can redistribute it and/or modify it
141 under the same terms as Perl itself.
142
143
144
145perl v5.28.1 2007-0C7G-I1:2:Application::Plugin::RequireSSL(3)