Skip Menu |

This queue is for tickets about the libwww-perl CPAN distribution.

Report information
The Basics
Id: 39919
Status: resolved
Priority: 0/
Queue: libwww-perl
People
Owner: Nobody in particular
Requestors: eduffield [...] gmail.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Oct 09 11:26:14 2008 eduffield [...] gmail.com - Ticket created
Subject: UserAgent->Proxy Bug Report
Date: Thu, 9 Oct 2008 08:25:37 -0700
To: gisle [...] ActiveState.com, bug-libwww-perl [...] rt.cpan.org
From: "Evan Duffield" <eduffield [...] gmail.com>
Hello, My issue with user agent is simple. When called with one scalar like: $ua->proxy($proxy_addr) This trys to look for a proxy under a scheme matching $proxy_addr. What if you were trying to set the proxy? You just did it wrong, and UserAgent didn't complain or anything. So at this point I am accessing the internet without being protected, and you don't even know it. I suggest the proxy sub by split into get_proxy and set_proxy to limit further confusion. Here's the examples: $ua->proxy(\@schemes, $proxy_url); #called correctly $ua->proxy(['http','https'], 'http://' . $p); #called incorrectly $ua->proxy('http'); #returning correct scheme proxy $ua->proxy($proxy_url); #returning undef! No error or anything! From useragent: sub proxy { my $self = shift; my $key = shift; return map $self->proxy($_, @_), @$key if ref $key; my $old = $self->{'proxy'}{$key}; if (@_) { $self->{proxy}{$key} = shift; $self->set_my_handler("request_preprepare", \&_need_proxy) } return $old; }
  Mon Nov 24 19:06:06 2008 GAAS [...] cpan.org - Correspondence added
Splitting the methods into separate get_ and set_ methods will not happen. I did commit the following patch that should make the proxy method much more eager to croak on bad arguments: commit e63bb2e5f360b5f6580703993caf028bf0b3f1f5 Author: Gisle Aas <gisle@aas.no> Date: Tue Nov 25 01:04:57 2008 +0100 croak on bad proxy args [RT#39919] diff --git a/lib/LWP/UserAgent.pm b/lib/LWP/UserAgent.pm index ef886f7..765d406 100644 --- a/lib/LWP/UserAgent.pm +++ b/lib/LWP/UserAgent.pm @@ -917,9 +917,13 @@ sub proxy my $key = shift; return map $self->proxy($_, @_), @$key if ref $key; + Carp::croak("'$key' is not a valid URI scheme") unless $key =~ /^$URI::scheme_re\z/; my $old = $self->{'proxy'}{$key}; if (@_) { - $self->{proxy}{$key} = shift; + my $url = shift; + Carp::croak("Proxy must be specified as absolute URI; '$url' is not") unless $url =~ /^$URI::scheme_re:/; + Carp::croak("Bad http proxy specification '$url'") if $url =~ /^https?:/ && $url !~ m,^https?://\w,; + $self->{proxy}{$key} = $url; $self->set_my_handler("request_preprepare", \&_need_proxy) } return $old;
  Mon Nov 24 19:06:09 2008 The RT System itself - Status changed from 'new' to 'open'
  Mon Nov 24 19:06:09 2008 GAAS [...] cpan.org - Status changed from 'open' to 'resolved'
  Mon Nov 24 20:42:43 2008 eduffield [...] gmail.com - Correspondence added
Subject: Re: [rt.cpan.org #39919] UserAgent->Proxy Bug Report
Date: Mon, 24 Nov 2008 18:42:33 -0700
To: bug-libwww-perl [...] rt.cpan.org
From: eduffield [...] gmail.com
Thanks. I appreciate it. On 11/24/08, Gisle_Aas via RT <bug-libwww-perl@rt.cpan.org> wrote: Show quoted text
> <URL: http://rt.cpan.org/Ticket/Display.html?id=39919 > > > Splitting the methods into separate get_ and set_ methods will not happen. > > I did commit the following patch that should make the proxy method much more > eager to > croak on bad arguments: > > commit e63bb2e5f360b5f6580703993caf028bf0b3f1f5 > Author: Gisle Aas <gisle@aas.no> > Date: Tue Nov 25 01:04:57 2008 +0100 > > croak on bad proxy args [RT#39919] > > diff --git a/lib/LWP/UserAgent.pm b/lib/LWP/UserAgent.pm > index ef886f7..765d406 100644 > --- a/lib/LWP/UserAgent.pm > +++ b/lib/LWP/UserAgent.pm > @@ -917,9 +917,13 @@ sub proxy > my $key = shift; > return map $self->proxy($_, @_), @$key if ref $key; > > + Carp::croak("'$key' is not a valid URI scheme") unless $key =~ > /^$URI::scheme_re\z/; > my $old = $self->{'proxy'}{$key}; > if (@_) { > - $self->{proxy}{$key} = shift; > + my $url = shift; > + Carp::croak("Proxy must be specified as absolute URI; '$url' is > not") unless $url =~ > /^$URI::scheme_re:/; > + Carp::croak("Bad http proxy specification '$url'") if $url =~ > /^https?:/ && $url !~ > m,^https?://\w,; > + $self->{proxy}{$key} = $url; > $self->set_my_handler("request_preprepare", \&_need_proxy) > } > return $old; > >
  Mon Nov 24 20:42:45 2008 The RT System itself - Status changed from 'resolved' to 'open'
  Fri Dec 05 13:22:56 2008 GAAS [...] cpan.org - Status changed from 'open' to 'resolved'