[Catalyst-commits] r9962 - in trunk/Catalyst-Controller-WrapCGI: . lib/Catalyst/Controller

caelum at dev.catalyst.perl.org caelum at dev.catalyst.perl.org
Thu Apr 30 16:40:30 GMT 2009 

Author: caelum
Date: 2009-04-30 17:40:30 +0100 (Thu, 30 Apr 2009)
New Revision: 9962

Modified:
   trunk/Catalyst-Controller-WrapCGI/Changes
   trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/CGIBin.pm
   trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/WrapCGI.pm
Log:
C::C::WrapCGI - remove CGI env vars by default

Modified: trunk/Catalyst-Controller-WrapCGI/Changes
===================================================================
--- trunk/Catalyst-Controller-WrapCGI/Changes	2009-04-30 16:08:04 UTC (rev 9961)
+++ trunk/Catalyst-Controller-WrapCGI/Changes	2009-04-30 16:40:30 UTC (rev 9962)
@@ -1,5 +1,8 @@
 Revision history for Catalyst-Controller-WrapCGI
 
+0.0034  2009-04-30 16:38:00
+    - remove all CGI specific env vars by default (caelum)
+
 0.0033  2009-04-29 03:29:34
     - fix for multiple file uploads (hdp)
     - file uploads support (caelum)

Modified: trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/CGIBin.pm
===================================================================
--- trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/CGIBin.pm	2009-04-30 16:08:04 UTC (rev 9961)
+++ trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/CGIBin.pm	2009-04-30 16:40:30 UTC (rev 9962)
@@ -23,11 +23,11 @@
 
 =head1 VERSION
 
-Version 0.012
+Version 0.013
 
 =cut
 
-our $VERSION = '0.012';
+our $VERSION = '0.013';
 
 =head1 SYNOPSIS
 

Modified: trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/WrapCGI.pm
===================================================================
--- trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/WrapCGI.pm	2009-04-30 16:08:04 UTC (rev 9961)
+++ trunk/Catalyst-Controller-WrapCGI/lib/Catalyst/Controller/WrapCGI.pm	2009-04-30 16:40:30 UTC (rev 9962)
@@ -20,11 +20,11 @@
 
 =head1 VERSION
 
-Version 0.0033
+Version 0.0034
 
 =cut
 
-our $VERSION = '0.0033';
+our $VERSION = '0.0034';
 
 =head1 SYNOPSIS
 
@@ -68,22 +68,28 @@
 
 =head1 CONFIGURATION
 
+=head2 pass_env
+
 C<< $your_controller->{CGI}{pass_env} >> should be an array of environment variables
 or regular expressions to pass through to your CGIs. Entries surrounded by C</>
 characters are considered regular expressions.
 
+=head2 kill_env
+
 C<< $your_controller->{CGI}{kill_env} >> should be an array of environment
 variables or regular expressions to remove from the environment before passing
 it to your CGIs.  Entries surrounded by C</> characters are considered regular
 expressions.
 
-Default is to pass the whole of C<%ENV>, except for C<MOD_PERL> and
-C<CONTENT_TYPE> (that is, the default C<kill_env> is C<[ qw(MOD_PERL
-CONTENT_TYPE) ]>.
+Default is to pass the whole of C<%ENV>, except for entries listed in
+L</FILTERED ENVIRONMENT> below.
 
-C<< $your_controller->{CGI}{username_field} >> should be the field for your user's name, which will be
-read from C<< $c->user->obj >>. Defaults to 'username'.
+=head2 username_field
 
+C<< $your_controller->{CGI}{username_field} >> should be the field for your
+user's name, which will be read from C<< $c->user->obj >>. Defaults to
+'username'.
+
 See L</SYNOPSIS> for an example.
 
 =cut
@@ -231,6 +237,44 @@
   return $env->response;
 }
 
+=head1 FILTERED ENVIRONMENT
+
+If you don't use the L</pass_env> option to restrict which environment variables
+are passed in, the default is to pass the whole of C<%ENV> except the variables
+listed below.
+
+  MOD_PERL
+  SERVER_SOFTWARE
+  SERVER_NAME
+  GATEWAY_INTERFACE
+  SERVER_PROTOCOL
+  SERVER_PORT
+  REQUEST_METHOD
+  PATH_INFO
+  PATH_TRANSLATED
+  SCRIPT_NAME
+  QUERY_STRING
+  REMOTE_HOST
+  REMOTE_ADDR
+  AUTH_TYPE
+  REMOTE_USER
+  REMOTE_IDENT
+  CONTENT_TYPE
+  CONTENT_LENGTH
+  HTTP_ACCEPT
+  HTTP_USER_AGENT
+
+C<%ENV> can be further trimmed using L</kill_env>.
+
+=cut
+
+my $DEFAULT_KILL_ENV = [qw/
+  MOD_PERL SERVER_SOFTWARE SERVER_NAME GATEWAY_INTERFACE SERVER_PROTOCOL
+  SERVER_PORT REQUEST_METHOD PATH_INFO PATH_TRANSLATED SCRIPT_NAME QUERY_STRING
+  REMOTE_HOST REMOTE_ADDR AUTH_TYPE REMOTE_USER REMOTE_IDENT CONTENT_TYPE
+  CONTENT_LENGTH HTTP_ACCEPT HTTP_USER_AGENT
+/];
+
 sub _filtered_env {
   my ($self, $env) = @_;
   my @ok;
@@ -240,7 +284,7 @@
   $pass_env = [ $pass_env ] unless ref $pass_env;
 
   my $kill_env = $self->{CGI}{kill_env};
-  $kill_env = [ 'MOD_PERL', 'CONTENT_TYPE' ] unless defined $kill_env;
+  $kill_env = $DEFAULT_KILL_ENV unless defined $kill_env;
   $kill_env = [ $kill_env ]  unless ref $kill_env;
 
   if (@$pass_env) {

More information about the Catalyst-commits mailing list