Re: [OT] Encrypting Embedded URLs
Hi, I read about this the other day... lemesee where did I read this... Oh yes! In Web Security, Privacy and Commerce by Simson Garfinkel, p. 453-454. The perl code is on those pages. Elizabeth Nigel Hamilton <[EMAIL PROTECTED]> writes: > Hi, > > I'm looking for a two-way cipher to obfuscate URL parameters > safely and succinctly (not too many extra characters). > > # For example, something that converts this URL: > $url = 'http://www.foo.com?a=1212&u=http://www.foo1.com?&a=12323'; > > # to an encoded URL with the parameters obfuscated > print Simple::URLEncode($url); > > # that looks like this: > http://www.foo.com?params=aJHKJHKJHKJHHGHFTDTDGDFDFGDGHDHG879879 > > A built-in checksum would be a bonus ... any ideas? > > Thanks > > Nigel > > -- > Nigel Hamilton > Turbo10 Metasearch Engine > > email:[EMAIL PROTECTED] > tel: +44 (0) 207 987 5460 > fax: +44 (0) 207 987 5468 > > http://turbo10.comSearch Deeper. Browse Faster.
Re: Best way to create a properties file for cgi/perl scripts
"Cox, Todd (NCI)" <[EMAIL PROTECTED]> writes: > I have a few Perl scripts that updates our Novell Directory using the > Net::LDAP module. My question is I have created a ldap properties file that > has the bind user and a few other items like scope and base. I would like > to know the best way to secure this file but still have my scripts able to > access it. I am currently running apache 1.2.3 under Linux 7.1. > > Any thoughts are appreciated. Placing the properties file out of the web-directory tree (e.g: ~/htdocs/ == directory root ~/var/properties/ == place to put property files ) and making sure your properties file is read-only for the user that is running the cgi-bin process (with suEXEC this would be whoever's home directory it is in the above example) and running suEXEC. If your cgi-bin directory is at: ~/cgi-bin/ then just load up the properties file as: open PROPERTIES, "<../var/properties/nds.csv"; # etc If you're unable to run the cgi-bin with suEXEC, you might conider encrypting the properties file using public key encryption but I've only done the former suggestion myself. Elizabeth
[mod_perl] Restarting after a module changes when you're not able to restart
Hi, I have been writing scripts on a local machine. I noticed that mod_perl can tell when I change a CGI script, but if that script accesses a module or module that changes, it often times does not notice this. So, when I update the module files I restart apache. This has worked fine for my local machine, but the day is drawing near in which I may be installing this onto a web-host provider running mod_perl. If this happens and there is an upgrade or a bug-fix in a module, how does one deal with it? Does mod_perl garbage collect the compiled code after it has not been accessed in a while? Thank you, Elizabeth
@INC Not exported in older perl's?
Hi, I have been developing a web application using Apache and mod_perl. It consists of a single CGI perl script and many, many modules. The application was originally developed with perl 5.6. I moved it onto an i386 box running perl 5.005 and now there is a particular issue that I'm having trouble understanding. What happens is that an included module 'require's another module, but it's @INC is different than the one defined in the original, single CGI script. While one quick fix would be to simply add "use lib '.'" to the beginning of this particular module, I would rather diagnose the problem as I wonder why it's having this trouble. The error displayed using CGI.pm's carp is: Can't locate Time/DaysInMonth.pm in @INC (@INC contains: /usr/lib/perl5/5.005/i386-linux /usr/lib/perl5/5.005 /usr/local/lib/site_perl/i386-linux /usr/local/lib/site_perl /usr/lib/perl5 . /etc/apache/ /etc/apache/lib/perl) at ../lib/perl/Time/ParseDate.pm line 896 This does not include the directory included using use libs: use lib "../lib/perl"; in the one cgi-bin file. The funny thing about this is that the module that is throwing the error's location happens to be "../lib/perl/Time/ParseDate.pm", which includes: require Time::DaysInMonth. Is there an easy solution to this? Am I missing something? Thank you, Elizabeth