How is it a security hole? On Tue, May 30, 2017 at 10:41 AM, Ruben Safir <ru...@mrbrklyn.com> wrote:
> On Tue, May 30, 2017 at 09:47:59AM +0100, James Smith wrote: > > Not really a mod_perl question but you can always wrap your method > > call in an eval > > > > my $ret = eval { $m->...() }; > > > > And then check $@ for the error message > > > > > that is a security hole > > > > > On 2017-05-26 02:08 AM, Peng Yonghua wrote: > > >greeting, > > > > > >I am not so good at perl/modperl,:) > > > > > >In the handler, a method from a class was called, when something > > >dies from within the method, what's the correct way the handler > > >will take? > > > > > >for example, I wrote this API which works right if given a correct > > >domain name: > > > > > >http://fenghe.org/domain/?d=yahoo.com > > > > > >server response: > > >var data={"registration":"domain may be taken","domain":"yahoo.com"} > > > > > >If given a wrong domain name: > > > > > >http://fenghe.org/domain/?d=yahoo.nonexist > > > > > >The server returns 500. > > > > > >This is because, in the handler, I used this module (wrote also by me): > > > > > >http://search.cpan.org/~pyh/Net-Domain-Registration-Check- > 0.03/lib/Net/Domain/Registration/Check.pm > > > > > > > > >And in the module, croak like this was happened, > > > > > >croak "domain TLD not exists" unless tld_exists($tld); > > > > > >When handler meets the croak, it dies (I guess) and server returns 500. > > > > > >How will I make the full system work right? fix on handler, or the > > >module itself? > > > > > >Thanks. > > > > > > > > -- > > The Wellcome Trust Sanger Institute is operated by Genome Research > > Limited, a charity registered in England with number 1021457 and a > > company registered in England with number 2742969, whose registered > > office is 215 Euston Road, London, NW1 2BE. > > -- > So many immigrant groups have swept through our town > that Brooklyn, like Atlantis, reaches mythological > proportions in the mind of the world - RI Safir 1998 > http://www.mrbrklyn.com > > DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 > http://www.nylxs.com - Leadership Development in Free Software > http://www2.mrbrklyn.com/resources - Unpublished Archive > http://www.coinhangout.com - coins! > http://www.brooklyn-living.com > > Being so tracked is for FARM ANIMALS and and extermination camps, > but incompatible with living as a free human being. -RI Safir 2013 > > -- John Dunlap *CTO | Lariat * *Direct:* *j...@lariat.co <j...@lariat.co>* *Customer Service:* 877.268.6667 supp...@lariat.co