Группа :: Разработка/Perl
Пакет: perl-LWPx-ParanoidAgent
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Текущая версия: 1.12-alt1
Время сборки: 19 октября 2016, 09:20 ( 335.0 недели назад )
Размер архива: 60.81 Kb
Домашняя страница: http://www.annocpan.org/dist/LWPx-ParanoidAgent
Лицензия: Artistic
О пакете: subclass of LWP::UserAgent that protects you from harm
Описание:
Список всех майнтейнеров, принимавших участие
в данной и/или предыдущих сборках пакета: Список rpm-пакетов, предоставляемый данным srpm-пакетом:
ACL:
Время сборки: 19 октября 2016, 09:20 ( 335.0 недели назад )
Размер архива: 60.81 Kb
Домашняя страница: http://www.annocpan.org/dist/LWPx-ParanoidAgent
Лицензия: Artistic
О пакете: subclass of LWP::UserAgent that protects you from harm
Описание:
The "LWPx::ParanoidAgent" is a class subclassing "LWP::UserAgent",
but paranoid against attackers. It's to be used when you're fetching
a remote resource on behalf of a possibly malicious user.
This class can do whatever "LWP::UserAgent" can (callbacks, uploads from
files, etc), except proxy support is explicitly removed, because in
that case you should do your paranoia at your proxy.
Also, the schemes are limited to http and https, which are mapped to
"LWPx::Protocol::http_paranoid" and
"LWPx::Protocol::https_paranoid", respectively, which are forked
versions of the same ones without the "_paranoid". Subclassing them
didn't look possible, as they were essentially just one huge function.
This class protects you from connecting to internal IP ranges (unless you
whitelist them), hostnames/IPs that you blacklist, remote webserver
tarpitting your process (the timeout parameter is changed to be a global
timeout over the entire process), and all combinations of redirects and
DNS tricks to otherwise tarpit and/or connect to internal resources.
Текущий майнтейнер: Vitaly Lipatov but paranoid against attackers. It's to be used when you're fetching
a remote resource on behalf of a possibly malicious user.
This class can do whatever "LWP::UserAgent" can (callbacks, uploads from
files, etc), except proxy support is explicitly removed, because in
that case you should do your paranoia at your proxy.
Also, the schemes are limited to http and https, which are mapped to
"LWPx::Protocol::http_paranoid" and
"LWPx::Protocol::https_paranoid", respectively, which are forked
versions of the same ones without the "_paranoid". Subclassing them
didn't look possible, as they were essentially just one huge function.
This class protects you from connecting to internal IP ranges (unless you
whitelist them), hostnames/IPs that you blacklist, remote webserver
tarpitting your process (the timeout parameter is changed to be a global
timeout over the entire process), and all combinations of redirects and
DNS tricks to otherwise tarpit and/or connect to internal resources.
Список всех майнтейнеров, принимавших участие
в данной и/или предыдущих сборках пакета: Список rpm-пакетов, предоставляемый данным srpm-пакетом:
- perl-LWPx-ParanoidAgent