[sNip]
> Telling the browser to fudge the URL is a client side thing. There is support
> for this in HTML5, with varying support in different browsers.
[sNip]
I really hope the hostname portion is excluded from this; if not,
then the world will be hit by a whole new set of scams. =(
2011-07-11 20:48, Jerry Pereira wrote:
Hi All,
I would like to know if there is a way to change the URL displayed on
browser without using Redirect option. The URL visible on client browser
must be based on some condition that is evaluated in my mod_perl handler.
For example -
1. User types
On 7/17/2011 1:16 AM, Phil Van wrote:
Back to Vincent's original request about session id and login: how
secure is your session id? Have you signed it? If not, someone can try
to sending random IDs and break your authentication.
Well, if you sign it and sign it properly, you basically end up wit
Le samedi 16 juillet 2011 à 22:16 -0700, Phil Van a écrit :
> Back to Vincent's original request about session id and login:
> (if you are using https, then all the above procedures do not matter)
>
It's via https, yes.
> The second idea is that you may not need to store session on the
> serve
Le samedi 16 juillet 2011 à 21:06 -0400, Perrin Harkins a écrit :
> On Sat, Jul 16, 2011 at 1:01 PM, Vincent Veyron wrote:
> To serialize your session to a string, you can do something like this:
> use Storable qw(nfreeze);
> $serialized = nfreeze \%session;
>
I see the light!
Thanks a bunch f
Back to Vincent's original request about session id and login: how secure is
your session id? Have you signed it? If not, someone can try to sending
random IDs and break your authentication.
Well, if you sign it and sign it properly, you basically end up with the
same idea in those "Authen + Ticke
On Sat, Jul 16, 2011 at 1:01 PM, Vincent Veyron wrote:
> As I said, I replaced the call to tie with :
>
> $r->pnotes('session' => Storable::retrieve($session_file));
>
> where $session_file again is retrieved from the cookie.
>
> What I can't find out is : how do I store %session into a database
>
Le vendredi 15 juillet 2011 à 17:59 -0400, Perrin Harkins a écrit :
> I think you're misunderstand. Storable doesn't do this for you. The
> idea is you could capture the session in a variable and write that to
> a database.
>
Let me explain; I used to do :
tie %session, 'Apache::Session::Po
On Thu, Jul 14, 2011 at 3:15 PM, Vincent Veyron wrote:
> OK, I must have missed it in the doc, I'll look again.
I think you're misunderstand. Storable doesn't do this for you. The
idea is you could capture the session in a variable and write that to
a database.
If you'd rather not roll your ow
Le jeudi 14 juillet 2011 à 13:02 -0400, Michael Peters a écrit :
> On 07/14/2011 12:57 PM, Vincent Veyron wrote:
> > Also, I did not find how to store a hash in the database without tie. I
> > read it's possible to use Data::Dumper to write the data in a field and
> > read it as Perl code. Would t
On 07/14/2011 12:57 PM, Vincent Veyron wrote:
This is what I first did, using Apache::Session. But I noticed the call
to tie was very slow (response time around 70ms with it, 15ms without
it), so I changed for Storable because filesystem reads were much
faster.
I don't personally like Apache::
Le jeudi 14 juillet 2011 à 11:34 -0400, Perrin Harkins a écrit :
> On Thu, Jul 14, 2011 at 11:21 AM, Vincent Veyron wrote:
> > Could you explain (very briefly) how clustering prevents file storage of
> > a session?
>
> A cluster in this case means multiple servers, so they don't share a
> filesys
On Thu, Jul 14, 2011 at 11:21 AM, Vincent Veyron wrote:
> Could you explain (very briefly) how clustering prevents file storage of
> a session?
A cluster in this case means multiple servers, so they don't share a
filesystem. There are ways to share files of course, but the common
solution is to
Le mercredi 13 juillet 2011 à 13:19 -0400, Perrin Harkins a écrit :
> On Tue, Jul 12, 2011 at 8:45 AM, Vincent Veyron wrote:
> > -Is there anything wrong with my process?
>
> If it's working for you, then it sounds fine. Needing to invoke
> mod_perl on every hit could be bad if you're trying to
On Tue, Jul 12, 2011 at 8:45 AM, Vincent Veyron wrote:
> -Is there anything wrong with my process?
If it's working for you, then it sounds fine. Needing to invoke
mod_perl on every hit could be bad if you're trying to protect a lot
of otherwise static pages, but it doesn't sound like you are. T
Hi list,
In a recent thread, this exchange took place :
Le lundi 11 juillet 2011 à 21:54 +0200, André Warnier a écrit :
> Szekeres, Edward wrote:
> > It seems to be just an attempt to do what is already done in
> > Apache2::AuthCookie (CPAN), which encapsulates a server side authentication.
> >
From: Jerry Pereira
Thanks Guys!!! I will go ahead with Redirect approach. I was more interested
in building a generic framework for my application that would handle such
scenarios (login was just one of them).
Then, as somebody suggested, start using Catalyst framework. It will handle
mail.com]
Sent: Monday, July 11, 2011 2:48 PM
To: modperl@perl.apache.org
Subject: Changing browser URL based on condition
Hi All,
I would like to know if there is a way to change the URL displayed on
browser without using Redirect option. The URL visible on client browser
must be based on some condi
@perl.apache.org
> Subject: Re: Changing browser URL based on condition
>
> On Mon, 11 Jul 2011 11:48:09 -0700
> Jerry Pereira wrote:
> > 1. User types the URL - www.example.com, this will display the login
> > page.
> > 2. Once the user enters the credentials and hits submi
Szekeres, Edward wrote:
It seems to be just an attempt to do what is already done in
Apache2::AuthCookie (CPAN), which encapsulates a server side authentication.
+1
Exactly.
And I would add that before you start trying to implement you own authentication logic,
you should really think twice.
: Changing browser URL based on condition
On Mon, 11 Jul 2011 11:48:09 -0700
Jerry Pereira wrote:
> 1. User types the URL - www.example.com, this will display the login
> page.
> 2. Once the user enters the credentials and hits submit, the request
> is posted to www.example.com/login action.
, 2011 2:48 PM
*To:* modperl@perl.apache.org <mailto:modperl@perl.apache.org>
*Subject:* Changing browser URL based on condition
Hi All,
I would like to know if there is a way to change the URL displayed on
browser without using Redirect option. The URL visible on client
On Mon, 11 Jul 2011 11:48:09 -0700
Jerry Pereira wrote:
> 1. User types the URL - www.example.com, this will display the login
> page.
> 2. Once the user enters the credentials and hits submit, the request
> is posted to www.example.com/login action.
> 3. If the credentials entered by the user is
From: "Jerry Pereira"
Hi Edward,
I have the following design:
A single PerlResponseHandler for all requests. This handler based on the
path decides the action to be taken
For example, if the user submits to www.example.com/login, then the handler
delegates the request to authentication module,
e
>> info panel.
>>
>> ** **
>>
>> *From:* Jerry Pereira [mailto:online.je...@gmail.com]
>> *Sent:* Monday, July 11, 2011 2:48 PM
>> *To:* modperl@perl.apache.org
>> *Subject:* Changing browser URL based on condition
>>
>> ** **
&g
On 07/11/2011 03:14 PM, Jerry Pereira wrote:
Any suggestions to handle this scenario will be great.
As others have noted, there isn't a way to do this. If it's a
requirement of your application then the only way to handle it is to do
redirection. And as others have pointed out it's a good ide
ctual location in the
> info panel.
>
> ** **
>
> *From:* Jerry Pereira [mailto:online.je...@gmail.com]
> *Sent:* Monday, July 11, 2011 2:48 PM
> *To:* modperl@perl.apache.org
> *Subject:* Changing browser URL based on condition
>
> ** **
>
> Hi All,
>
From: "Jerry Pereira"
> Hi All,
>
> I would like to know if there is a way to change the URL displayed on
> browser without using Redirect option.
Nope, not possible.
You need to do that redirection somehow.
What the user sees in the address bar is the URL accessed by the browser. If
the bro
r it would be a spoofers windfall.
The browser will always have the actual location in the info panel.
From: Jerry Pereira [mailto:online.je...@gmail.com]
Sent: Monday, July 11, 2011 2:48 PM
To: modperl@perl.apache.org
Subject: Changing browser URL based on condition
Hi All,
I would like to kno
On Mon, Jul 11, 2011 at 11:48:09AM -0700, Jerry Pereira wrote:
> I would like to know if there is a way to change the URL displayed on
> browser without using Redirect option. The URL visible on client browser
> must be based on some condition that is evaluated in my mod_perl handler.
Imagine if
Hi All,
I would like to know if there is a way to change the URL displayed on
browser without using Redirect option. The URL visible on client browser
must be based on some condition that is evaluated in my mod_perl handler.
For example -
1. User types the URL - www.example.com, this will displa
31 matches
Mail list logo
