Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Perl > Perl Misc > Redirecting via LWP

Reply
Thread Tools

Redirecting via LWP

 
 
Bigus
Guest
Posts: n/a
 
      09-01-2003
Hi

I've written a script which performs some background authentication to
control access to a files directory on the web server. The final action in
the script, assuming the user authenticates correctly, is to take them to
the files directory. I do this with LWP.

However, when they then go to click on a file it looks for it in the
cgi-bin, which of course is not where it is! How can I make it so that the
browser thinks it's in the intended directory rather than the cgi-bin?

Thanks

Bigus


 
Reply With Quote
 
 
 
 
Bigus
Guest
Posts: n/a
 
      09-01-2003

"Bigus" <(E-Mail Removed)> wrote in message
news:bivnb6$(E-Mail Removed)...
> Hi
>
> I've written a script which performs some background authentication to
> control access to a files directory on the web server. The final action in
> the script, assuming the user authenticates correctly, is to take them to
> the files directory. I do this with LWP.
>
> However, when they then go to click on a file it looks for it in the
> cgi-bin, which of course is not where it is! How can I make it so that the
> browser thinks it's in the intended directory rather than the cgi-bin?


For info, here's the sub that does the redirect bit:

sub gotofilearea()
{
$url = "http://mydomain.com/files/$listname/";
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$req = HTTP::Request->new(GET => $url);
$req->authorization_basic("$listname", "password");
$resp = $ua->request($req);
$response = $resp->content;
print "Content-type:text/html\n\n";
print $response;
exit;
}

Bigus


 
Reply With Quote
 
 
 
 
James Willmore
Guest
Posts: n/a
 
      09-01-2003
On Mon, 1 Sep 2003 16:40:54 +0100
"Bigus" <(E-Mail Removed)> wrote:
> "Bigus" <(E-Mail Removed)> wrote in message
> news:bivnb6$(E-Mail Removed)...
> > I've written a script which performs some background
> > authentication to control access to a files directory on the web
> > server. The final action in the script, assuming the user
> > authenticates correctly, is to take them to the files directory. I
> > do this with LWP.
> >
> > However, when they then go to click on a file it looks for it in
> > the cgi-bin, which of course is not where it is! How can I make it
> > so that the browser thinks it's in the intended directory rather
> > than the cgi-bin?

>
> For info, here's the sub that does the redirect bit:
>
> sub gotofilearea()
> {
> $url = "http://mydomain.com/files/$listname/";
> use LWP::UserAgent;
> $ua = new LWP::UserAgent;
> $req = HTTP::Request->new(GET => $url);
> $req->authorization_basic("$listname", "password");
> $resp = $ua->request($req);
> $response = $resp->content;
> print "Content-type:text/html\n\n";
> print $response;
> exit;
> }


Because you're _not_ storing a file - you're printing the results from
your 'GET'. So, you'll have to use a method that will store the
results. One method is to do the following (I don't recommend doing
it, though - read more about your web server and security).

==example & untested==
open(FILE, '/some/directory/filename')
or die "Can't open file\n"; #no "$!", because the use doesn't need
#to know why the file can not
#be written;
#see comment above
print FILE $result;
close FILE;
==example & untested==

Read some more about LWP, HTTP::Request, and your own web server,
because there are other ways to do it that are more secure and easier.

HTH
--
Jim
---
Copyright notice: all code written by the author in this post is
considered GPL. http://gnu.org for more information.
---
a real quote ...
Linus Torvalids: "They are somking crack ...."
(http://www.eweek.com/article2/0,3959,1227150,00.asp)
---
a fortune quote ...
You do not have mail.

 
Reply With Quote
 
James Willmore
Guest
Posts: n/a
 
      09-01-2003
On Mon, 01 Sep 2003 17:27:50 GMT
James Willmore <(E-Mail Removed)> wrote:
> ==example & untested==
> open(FILE, '/some/directory/filename')
> or die "Can't open file\n"; #no "$!", because the use doesn't

Should be:
or die "Can't open file\n"; #no "$!", because the user doesn't

And, after reading the OP a second time, you mention that the user is
being redirected back at some point to the cgi-bin directory. You're
geting a listing in the cgi-bin directory? If so ... _VERY_ bad.
Read some more about your web server and security. Users, on a
production system, should _not_ be able to see the directory contents
in the cgi-bin directory - EVER. It is a security risk that you
_should_ be unwilling to take.

HTH
--
Jim
---
Copyright notice: all code written by the author in this post is
considered GPL. http://gnu.org for more information.
---
a real quote ...
Linus Torvalids: "They are somking crack ...."
(http://www.eweek.com/article2/0,3959,1227150,00.asp)
---
a fortune quote ...
The District of Columbia has a law forbidding you to exert
pressure on a balloon and thereby cause a whistling sound on the
streets.
 
Reply With Quote
 
Bigus
Guest
Posts: n/a
 
      09-01-2003
"James Willmore" <(E-Mail Removed)> wrote in message
> Because you're _not_ storing a file - you're printing the results from
> your 'GET'. So, you'll have to use a method that will store the
> results. One method is to do the following (I don't recommend doing
> it, though - read more about your web server and security).
>
> ==example & untested==
> open(FILE, '/some/directory/filename')
> or die "Can't open file\n"; #no "$!", because the use doesn't need
> #to know why the file can not
> #be written;
> #see comment above
> print FILE $result;
> close FILE;
> ==example & untested==
>
> Read some more about LWP, HTTP::Request, and your own web server,
> because there are other ways to do it that are more secure and easier.


I'm not storing a file, no.. the directory I want the user to end up in is
displayed via Apache's directory listing feature.. ie: there is no html page
in that directory. If I have to start creating & storing temp files then it
could be a bit of a pain. There are about a thousand directories that will
be handled by this script.

Can anyone give me any further pointers on what to search for?

Thanks

Bigus


 
Reply With Quote
 
Bigus
Guest
Posts: n/a
 
      09-01-2003

"James Willmore" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ...
> On Mon, 01 Sep 2003 17:27:50 GMT
> James Willmore <(E-Mail Removed)> wrote:
> > ==example & untested==
> > open(FILE, '/some/directory/filename')
> > or die "Can't open file\n"; #no "$!", because the use doesn't

> Should be:
> or die "Can't open file\n"; #no "$!", because the user doesn't
>
> And, after reading the OP a second time, you mention that the user is
> being redirected back at some point to the cgi-bin directory. You're
> geting a listing in the cgi-bin directory?


No, they are just getting "cannot find file" or words to that effect.

Bigus


 
Reply With Quote
 
James Willmore
Guest
Posts: n/a
 
      09-01-2003
On Mon, 1 Sep 2003 18:41:57 +0100
"Bigus" <(E-Mail Removed)> wrote:
> I'm not storing a file, no.. the directory I want the user to end up
> in is displayed via Apache's directory listing feature.. ie: there
> is no html page in that directory. If I have to start creating &
> storing temp files then it could be a bit of a pain. There are about
> a thousand directories that will be handled by this script.
>
> Can anyone give me any further pointers on what to search for?


Why are you using LWP in a CGI script? If you are using Apache's
directory listing, what are you listing, if not files? What exactly
are you tring to do?

In your OP, you wanted to do redirection. Then why not
1) use the CGI module's redirect method
2) simply print the proper header (print "Location: <new URL>\n\n"

This way, all you need to concern yourself with is getting the user to
the right place - allowing Apache to do the authentication (as you
were trying to do with LWP).

I guess I'm at a loss to see exactly what you're trying to accomplish
if none of the above makes sense.

HTH
--
Jim
---
Copyright notice: all code written by the author in this post is
considered GPL. http://gnu.org for more information.
---
a real quote ...
Linus Torvalids: "They are somking crack ...."
(http://www.eweek.com/article2/0,3959,1227150,00.asp)
---
a fortune quote ...
I am more bored than you could ever possibly be. Go back to
work.
 
Reply With Quote
 
Michael Budash
Guest
Posts: n/a
 
      09-02-2003
In article <bivpab$(E-Mail Removed)>,
"Bigus" <(E-Mail Removed)> wrote:

> "Bigus" <(E-Mail Removed)> wrote in message
> news:bivnb6$(E-Mail Removed)...
> > Hi
> >
> > I've written a script which performs some background authentication to
> > control access to a files directory on the web server. The final action in
> > the script, assuming the user authenticates correctly, is to take them to
> > the files directory. I do this with LWP.
> >
> > However, when they then go to click on a file it looks for it in the
> > cgi-bin, which of course is not where it is! How can I make it so that the
> > browser thinks it's in the intended directory rather than the cgi-bin?

>
> For info, here's the sub that does the redirect bit:
>
> sub gotofilearea()
> {
> $url = "http://mydomain.com/files/$listname/";
> use LWP::UserAgent;
> $ua = new LWP::UserAgent;
> $req = HTTP::Request->new(GET => $url);
> $req->authorization_basic("$listname", "password");
> $resp = $ua->request($req);
> $response = $resp->content;
> print "Content-type:text/html\n\n";
> print $response;
> exit;
> }
>
> Bigus
>
>


look into the <base href="..."> html tag, then do this:

$response = $resp->content;
$response =~
s{(</head>)}{<base href="http://mydomain.com/files/$listname/">$1}i;

it's what i do and it works like a champ.
--
Michael Budash
 
Reply With Quote
 
Bigus
Guest
Posts: n/a
 
      09-02-2003
"James Willmore" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ...
> On Mon, 1 Sep 2003 18:41:57 +0100
> "Bigus" <(E-Mail Removed)> wrote:
> > I'm not storing a file, no.. the directory I want the user to end up
> > in is displayed via Apache's directory listing feature.. ie: there
> > is no html page in that directory. If I have to start creating &
> > storing temp files then it could be a bit of a pain. There are about
> > a thousand directories that will be handled by this script.
> >
> > Can anyone give me any further pointers on what to search for?

>
> Why are you using LWP in a CGI script? If you are using Apache's
> directory listing, what are you listing, if not files? What exactly
> are you tring to do?


Well, you've solved it for me (see below), but just for the sake of
completeness, as I evidently didn't explain what I was doing very well -
basically, each directory is a file area associated with a Listserv mailing
list. The directory is password protected by an Apache htaccess file to stop
users typing a URL and getting there directly. My CGI script makes them log
into Listserv and checks to make sure they are a subscriber (or a site
administrator) to the mailing list that they are trying to access the file
area of. If they pass those checks the script takes them to the file area,
automatically dealing with the Apache authentication.

> In your OP, you wanted to do redirection. Then why not
> 1) use the CGI module's redirect method
> 2) simply print the proper header (print "Location: <new URL>\n\n"


That worked! I love simple solutions, and that helped fill in a gap in my
knowledge of something that I should probably know by now

Many thanks

Bigus



 
Reply With Quote
 
Bigus
Guest
Posts: n/a
 
      09-02-2003

"Bigus" <(E-Mail Removed)> wrote in message
news:bj1pq3$(E-Mail Removed)...
> "James Willmore" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) ...
> > On Mon, 1 Sep 2003 18:41:57 +0100
> > "Bigus" <(E-Mail Removed)> wrote:
> > > I'm not storing a file, no.. the directory I want the user to end up
> > > in is displayed via Apache's directory listing feature.. ie: there
> > > is no html page in that directory. If I have to start creating &
> > > storing temp files then it could be a bit of a pain. There are about
> > > a thousand directories that will be handled by this script.
> > >
> > > Can anyone give me any further pointers on what to search for?

> >
> > Why are you using LWP in a CGI script? If you are using Apache's
> > directory listing, what are you listing, if not files? What exactly
> > are you tring to do?

>
> Well, you've solved it for me (see below), but just for the sake of
> completeness, as I evidently didn't explain what I was doing very well -
> basically, each directory is a file area associated with a Listserv

mailing
> list. The directory is password protected by an Apache htaccess file to

stop
> users typing a URL and getting there directly. My CGI script makes them

log
> into Listserv and checks to make sure they are a subscriber (or a site
> administrator) to the mailing list that they are trying to access the file
> area of. If they pass those checks the script takes them to the file area,
> automatically dealing with the Apache authentication.
>
> > In your OP, you wanted to do redirection. Then why not
> > 1) use the CGI module's redirect method
> > 2) simply print the proper header (print "Location: <new URL>\n\n"

>
> That worked!


Actually, it didn't work.. doh! The line:

print "Location: http://$listname:$password\@$host/files/$listname/\n\n";

Causes the Apache password dialog box to come up, even though $listname and
$password are absolutely definitely correct.

Any ideas?

Thanks

Bigus





 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
using LWP to POST data via "javascript:document.form.submit()" link schruthensis Perl Misc 18 01-07-2006 04:24 PM
VS.NET, ASP.NET - using via Frontpage Ext, now via SHAREPOINT? Gerry Hickman ASP .Net 2 12-14-2005 09:25 PM
Cordless phone via ATA via RJ45 router with no provider possible? ChrisR VOIP 10 04-26-2005 06:55 PM
Redirecting via windowd authentication darrel ASP .Net 5 12-11-2004 11:11 AM
LWP - Upload via HTTP POST Mark Mykkanen Perl Misc 1 07-02-2003 08:47 PM



Advertisments