1CGI::Application::PlugiUns:e:rReCqounitrreiSbSuLt(e3d)PCeGrIl::DAopcpulmiecnattaitoino:n:Plugin::RequireSSL(3)
2
3
4

NAME

6       CGI::Application::Plugin::RequireSSL - Force SSL in specified pages or
7       modules
8

VERSION

10       Version 0.04
11

SYNOPSIS

13           use CGI::Application::Plugin::RequireSSL;
14
15           sub login_form :RequireSSL {
16               my $self = shift;
17               # etc
18           }
19

DESCRIPTION

21       CGI::Application::Plugin::RequireSSL allows individual run modes or
22       whole modules to be protected by SSL. If a standard HTTP request is
23       received, you can specify whether an error is raised or if the request
24       should be redirected to the HTTPS equivalent URL.
25

EXPORT

27       Exported methods:
28           config_requiressl, mode_redirect
29

USAGE

31   run mode-level protection
32       run mode protection is specified by the RequireSSL attribute after the
33       method name:
34
35           sub process_login :RequireSSL {
36               my $self = shift;
37           }
38
39   Module-level protection
40       You can protect a complete module by setting the 'require_ssl'
41       parameter in your instance script:
42
43           use MyApp;
44           my $webapp = MyApp->new(
45               PARAMS => {require_ssl => 1}
46           );
47           $webapp->run();
48
49   Redirecting to a protected URL.
50       By default, an error is raised if a request is made to a protected run
51       mode or module using HTTP. However, you can specify that the request is
52       redirected to the HTTPS url by setting the rewrite_to_ssl parameter as
53       long as the requested method is not POST:
54
55           my $webapp = MyApp->new(
56               PARAMS => {rewrite_to_ssl => 1}
57           );
58
59   Turning off checks.
60       If you need to turn off checks, simply set the ignore_check parameter
61       when configuring the plugin (see "config_requiressl" below).
62
63   Reverting to HTTP
64       Once a successful request is made to a protected run mode or module,
65       subsequent requests to a non-protected run mode or module will revert
66       to using HTTP.  To prevent this from happening, set the parameter
67       keep_in_ssl in the configuration (see "config_requiressl" below)
68

METHODS

70   config_requiressl
71       Optionally configure the plugin in your cgiapp_init method
72
73           $self->config_requiressl(
74               keep_in_ssl => 0,
75               ignore_check => 0,
76           )
77
78       Valid parameters are:
79
80       •   keep_in_ssl - if set, all subsequent requests following one to a
81           protected run mode or module will be via HTTPS.
82
83       •   ignore_check - ignore SSL schecking. This is useful if your
84           application is deployed in an environment that doesn't support SSL.
85
86   mode_redirect
87       This is a run mode that will be automatically called if the request
88       should be redirected to the equivalent HTTP or HTTPS URL. You should
89       not call it directly.
90

AUTHOR

92       Dan Horne, "<dhorne at cpan.org>"
93

BUGS

95       Please report any bugs or feature requests to
96       "bug-cgi-application-plugin-requiressl at rt.cpan.org", or through the
97       web interface at
98       <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=CGI-Application-Plugin-RequireSSL>.
99       I will be notified, and then you'll automatically be notified of
100       progress on your bug as I make changes.
101

CAVEAT

103       This module been tested under the FastCGI persistent environment, but
104       not under mod_perl. The author would apprecaute feedback from anyone
105       who is able to test with that environment.
106

SUPPORT

108       You can find documentation for this module with the perldoc command.
109
110           perldoc CGI::Application::Plugin::RequireSSL
111
112       You can also look for information at:
113
114       •   AnnoCPAN: Annotated CPAN documentation
115
116           <http://annocpan.org/dist/CGI-Application-Plugin-RequireSSL>
117
118       •   CPAN Ratings
119
120           <http://cpanratings.perl.org/d/CGI-Application-Plugin-RequireSSL>
121
122       •   RT: CPAN's request tracker
123
124           <http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Application-Plugin-RequireSSL>
125
126       •   Search CPAN
127
128           <http://search.cpan.org/dist/CGI-Application-Plugin-RequireSSL>
129

ACKNOWLEDGEMENTS

131       •   Users of the CGI::Application wiki (http://www.cgi-app.org) who
132           requested this module.
133
134       •   Andy Grundman - I stole the idea of the keep_in_ssl parameter from
135           his Catalyst::Plugin::RequireSSL module
136
138       Copyright 2007 Dan Horne, all rights reserved.
139
140       This program is free software; you can redistribute it and/or modify it
141       under the same terms as Perl itself.
142
143
144
145perl v5.38.0                      2023-0C7G-I2:0:Application::Plugin::RequireSSL(3)
Impressum