Skip Menu |

This queue is for tickets about the CGI-Application-Plugin-ProtectCSRF CPAN distribution.

Report information
The Basics
Id: 72346
Status: new
Priority: 0/
Queue: CGI-Application-Plugin-ProtectCSRF
People
Owner: Nobody in particular
Requestors: SILASMONK [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Nov 10 16:37:11 2011 SILASMONK [...] cpan.org - Ticket created
Subject: Please consider using Digest::SHA
Digest::SHA1 is only a subset of Digest::SHA and the latter is now in the perl core. Patch attached.
Subject: digest-sha.patch
Description: use Digest::SHA instead of SHA1 cf. http://wiki.debian.org/Teams/DebianPerlGroup/OpenTasks/Transitions/DigestSHA1ToDigestSHA Origin: vendor Forwarded: no Author: gregor herrmann <gregoa@debian.org> Reviewed-by: Nicholas Bamber <nicholas@periapt.co.uk> Last-Update: 2011-11-07 --- a/Build.PL +++ b/Build.PL @@ -11,7 +11,7 @@ "Attribute::Handlers" => 0.78, "CGI::Application" => 4.04, "CGI::Application::Plugin::Session" => 1.01, - "Digest::SHA1" => 2.07, + "Digest::SHA" => 0, }, add_to_cleanup => [ 'CGI-Application-Plugin-ProtectCSRF-*' ], ); --- a/META.yml +++ b/META.yml @@ -9,7 +9,7 @@ Attribute::Handlers: 0.78 CGI::Application: 4.04 CGI::Application::Plugin::Session: 1.01 - Digest::SHA1: 2.07 + Digest::SHA: 0 generated_by: Module::Build version 0.2808 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.2.html --- a/Makefile.PL +++ b/Makefile.PL @@ -12,7 +12,7 @@ "Attribute::Handlers" => 0.78, "CGI::Application" => 4.04, "CGI::Application::Plugin::Session" => 1.01, - "Digest::SHA1" => 2.07, + "Digest::SHA" => 0, }, dist => { COMPRESS => 'gzip -9f', SUFFIX => 'gz', }, clean => { FILES => 'CGI-Application-Plugin-ProtectCSRF-*' }, --- a/README +++ b/README @@ -157,7 +157,7 @@ SEE ALSO Attribute::Handlers Carp CGI::Application - CGI::Application::Plugin::Session Digest::SHA1 Exporter HTML::TokeParser + CGI::Application::Plugin::Session Digest::SHA Exporter HTML::TokeParser AUTHOR Akira Horimoto <kurt0027@gmail.com> --- a/CGI/Application/Plugin/ProtectCSRF.pm +++ b/CGI/Application/Plugin/ProtectCSRF.pm @@ -51,7 +51,7 @@ use base qw(Exporter); use Carp; use HTML::TokeParser; -use Digest::SHA1 qw(sha1_hex); +use Digest::SHA qw(sha1_hex); use Attribute::Handlers; our( @@ -222,12 +222,6 @@ =item B<csrf_error_mode> - The L<CGI::Application> runmode name. This defaults to C<_csrf_error>. -=for comment - -The Debian maintainer is unclear why this option is useful. Surely an -anonymous run mode would be cleaner here. - -=end comment =item B<csrf_error_tmpl> - The HTML displayed in the event of a CSRF attack being detected in the form of a scalarref or filepath or filehandle. One may @@ -237,7 +231,7 @@ =item B<csrf_error_tmpl_param> - A hashref of parameters to be placed in the above template. See L<HTML::Template>. -=for comment +=begin comment The Debian maintainer thinks other templating systems should work but is unlikely to experiment with this in the near future. @@ -251,6 +245,17 @@ =back +=begin comment + +The Debian maintainer is unclear why the csrf_error_mode option is useful. +Surely an anonymous run mode would be cleaner here. + +The Debian maintainer thinks other templating systems, apart from +HTML::Template, should work but is unlikely to experiment with this in the +near future. + +=end comment + Example: sub cgiapp_init { @@ -492,7 +497,7 @@ L<Carp>, L<CGI::Application>, L<CGI::Application::Plugin::Session>, -L<Digest::SHA1>, +L<Digest::SHA>, L<Exporter>, L<HTML::TokeParser>, L<HTML::Template>