X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FController%2FWrapCGI.pm;h=1a8447c0ca5382f18c2654dc7e4dc916ce36ce5d;hb=5464705b4645ee3f5c5694cbc8e1d9e8f12da983;hp=fa0d73ac34d968695eaffe4e0a3546b4866edca9;hpb=47a5153fd919a2d6b4a5fa3968914924b366ad6b;p=catagits%2FCatalyst-Controller-WrapCGI.git

diff --git a/lib/Catalyst/Controller/WrapCGI.pm b/lib/Catalyst/Controller/WrapCGI.pm
index fa0d73a..1a8447c 100644
--- a/lib/Catalyst/Controller/WrapCGI.pm
+++ b/lib/Catalyst/Controller/WrapCGI.pm
@@ -1,13 +1,18 @@
 package Catalyst::Controller::WrapCGI;
 
-use strict;
-use warnings;
-use parent 'Catalyst::Controller';
+use Moose;
+use mro 'c3';
 
-use HTTP::Request::AsCGI;
-use HTTP::Request;
-use URI;
+extends 'Catalyst::Controller';
+
+use HTTP::Request::AsCGI ();
+use HTTP::Request ();
+use URI ();
 use Catalyst::Exception ();
+use URI::Escape;
+use HTTP::Request::Common;
+
+use namespace::clean -except => 'meta';
 
 =head1 NAME
 
@@ -15,11 +20,11 @@ Catalyst::Controller::WrapCGI - Run CGIs in Catalyst
 
 =head1 VERSION
 
-Version 0.0026
+Version 0.022
 
 =cut
 
-our $VERSION = '0.0026';
+our $VERSION = '0.022';
 
 =head1 SYNOPSIS
 
@@ -47,6 +52,7 @@ In your .conf, configure which environment variables to pass:
             pass_env PERL5LIB
             pass_env PATH
             pass_env /^MYAPP_/
+            kill_env MYAPP_BAD
         </CGI>
     </Controller::Foo>
 
@@ -60,16 +66,32 @@ with L<Catalyst> 5.8 onward.
 
 If you just want to run CGIs from files, see L<Catalyst::Controller::CGIBin>.
 
+C<REMOTE_USER> will be set to C<< $c->user->obj->$username_field >> if
+available, or to C<< $c->req->remote_user >> otherwise.
+
 =head1 CONFIGURATION
 
-C<$your_controller->{CGI}{pass_env}> should be an array of environment variables
+=head2 pass_env
+
+C<< $your_controller->{CGI}{pass_env} >> should be an array of environment variables
 or regular expressions to pass through to your CGIs. Entries surrounded by C</>
 characters are considered regular expressions.
 
-Default is to pass the whole of C<%ENV>.
+=head2 kill_env
 
-C<{CGI}{username_field}> should be the field for your user's name, which will be
-read from C<$c->user->obj>. Defaults to 'username'.
+C<< $your_controller->{CGI}{kill_env} >> should be an array of environment
+variables or regular expressions to remove from the environment before passing
+it to your CGIs.  Entries surrounded by C</> characters are considered regular
+expressions.
+
+Default is to pass the whole of C<%ENV>, except for entries listed in
+L</FILTERED ENVIRONMENT> below.
+
+=head2 username_field
+
+C<< $your_controller->{CGI}{username_field} >> should be the field for your
+user's name, which will be read from C<< $c->user->obj >>. Defaults to
+'username'.
 
 See L</SYNOPSIS> for an example.
 
@@ -83,17 +105,20 @@ open my $REAL_STDOUT, ">>&=".fileno(*STDOUT);
 
 =head1 METHODS
 
-=head2 $self->cgi_to_response($c, $coderef)
+=head2 cgi_to_response
+
+C<< $self->cgi_to_response($c, $coderef) >>
 
 Does the magic of running $coderef in a CGI environment, and populating the
 appropriate parts of your Catalyst context with the results.
 
-Calls wrap_cgi (below.)
+Calls L</wrap_cgi>.
 
 =cut
 
 sub cgi_to_response {
   my ($self, $c, $script) = @_;
+
   my $res = $self->wrap_cgi($c, $script);
 
   # if the CGI doesn't set the response code but sets location they were
@@ -110,18 +135,21 @@ sub cgi_to_response {
   $c->res->headers($res->headers);
 }
 
-=head2 $self->wrap_cgi($c, $coderef)
+=head2 wrap_cgi
+
+C<< $self->wrap_cgi($c, $coderef) >>
 
 Runs $coderef in a CGI environment using L<HTTP::Request::AsCGI>, returns an
 L<HTTP::Response>.
 
-The CGI environment is set up based on $c.
+The CGI environment is set up based on C<$c>.
 
 The environment variables to pass on are taken from the configuration for your
 Controller, see L</SYNOPSIS> for an example. If you don't supply a list of
-environment variables to pass, the whole of %ENV is used.
+environment variables to pass, the whole of %ENV is used (with exceptions listed
+in L</FILTERED ENVIRONMENT>.
 
-Used by cgi_to_response (above), which is probably what you want to use as well.
+Used by L</cgi_to_response>, which is probably what you want to use as well.
 
 =cut
 
@@ -139,7 +167,28 @@ sub wrap_cgi {
     local $/; $body_content = <$body>;
   } else {
     my $body_params = $c->req->body_parameters;
-    if (%$body_params) {
+
+    if (my %uploads = %{ $c->req->uploads }) {
+      my $post = POST 'http://localhost/',
+        Content_Type => 'form-data',
+        Content => [
+          %$body_params,
+          map {
+            my $upl = $uploads{$_};
+            $_ => [
+              undef,
+              $upl->filename,
+              Content => $upl->slurp,
+              map {
+                my $header = $_;
+                map { $header => $_ } $upl->headers->header($header)
+              } $upl->headers->header_field_names
+            ]
+          } keys %uploads
+        ];
+      $body_content = $post->content;
+      $req->content_type($post->header('Content-Type'));
+    } elsif (%$body_params) {
       my $encoder = URI->new;
       $encoder->query_form(%$body_params);
       $body_content = $encoder->query;
@@ -147,22 +196,7 @@ sub wrap_cgi {
     }
   }
 
-  my @env;
-
-  my $pass_env = $self->{CGI}{pass_env};
-  $pass_env = []            if not defined $pass_env;
-  $pass_env = [ $pass_env ] unless ref $pass_env;
-
-  for (@$pass_env) {
-    if (m!^/(.*)/\z!) {
-      my $re = qr/$1/;
-      push @env, grep /$re/, keys %ENV;
-    } else {
-      push @env, $_;
-    }
-  }
-
-  @env = keys %ENV unless @env;
+  my $filtered_env = $self->_filtered_env(\%ENV);
 
   $req->content($body_content);
   $req->content_length(length($body_content));
@@ -172,10 +206,21 @@ sub wrap_cgi {
   my $username = (($c->can('user_exists') && $c->user_exists)
                ? eval { $c->user->obj->$username_field }
                 : '');
+
+  $username ||= $c->req->remote_user if $c->req->can('remote_user');
+
+  my $path_info = '/'.join '/' => map {
+    utf8::is_utf8($_) ? uri_escape_utf8($_) : uri_escape($_)
+  } @{ $c->req->args };
+
   my $env = HTTP::Request::AsCGI->new(
               $req,
               ($username ? (REMOTE_USER => $username) : ()),
-              map { ($_, $ENV{$_}) } @env
+              %$filtered_env,
+              PATH_INFO => $path_info,
+# eww, this is likely broken:
+              FILEPATH_INFO => '/'.$c->action.$path_info,
+              SCRIPT_NAME => $c->uri_for($c->action, $c->req->captures)->path
             );
 
   {
@@ -201,6 +246,102 @@ sub wrap_cgi {
   return $env->response;
 }
 
+=head1 FILTERED ENVIRONMENT
+
+If you don't use the L</pass_env> option to restrict which environment variables
+are passed in, the default is to pass the whole of C<%ENV> except the variables
+listed below.
+
+  MOD_PERL
+  SERVER_SOFTWARE
+  SERVER_NAME
+  GATEWAY_INTERFACE
+  SERVER_PROTOCOL
+  SERVER_PORT
+  REQUEST_METHOD
+  PATH_INFO
+  PATH_TRANSLATED
+  SCRIPT_NAME
+  QUERY_STRING
+  REMOTE_HOST
+  REMOTE_ADDR
+  AUTH_TYPE
+  REMOTE_USER
+  REMOTE_IDENT
+  CONTENT_TYPE
+  CONTENT_LENGTH
+  HTTP_ACCEPT
+  HTTP_USER_AGENT
+
+C<%ENV> can be further trimmed using L</kill_env>.
+
+=cut
+
+my $DEFAULT_KILL_ENV = [qw/
+  MOD_PERL SERVER_SOFTWARE SERVER_NAME GATEWAY_INTERFACE SERVER_PROTOCOL
+  SERVER_PORT REQUEST_METHOD PATH_INFO PATH_TRANSLATED SCRIPT_NAME QUERY_STRING
+  REMOTE_HOST REMOTE_ADDR AUTH_TYPE REMOTE_USER REMOTE_IDENT CONTENT_TYPE
+  CONTENT_LENGTH HTTP_ACCEPT HTTP_USER_AGENT
+/];
+
+sub _filtered_env {
+  my ($self, $env) = @_;
+  my @ok;
+
+  my $pass_env = $self->{CGI}{pass_env};
+  $pass_env = []            if not defined $pass_env;
+  $pass_env = [ $pass_env ] unless ref $pass_env;
+
+  my $kill_env = $self->{CGI}{kill_env};
+  $kill_env = $DEFAULT_KILL_ENV unless defined $kill_env;
+  $kill_env = [ $kill_env ]  unless ref $kill_env;
+
+  if (@$pass_env) {
+    for (@$pass_env) {
+      if (m!^/(.*)/\z!) {
+        my $re = qr/$1/;
+        push @ok, grep /$re/, keys %$env;
+      } else {
+        push @ok, $_;
+      }
+    }
+  } else {
+    @ok = keys %$env;
+  }
+
+  for my $k (@$kill_env) {
+    if ($k =~ m!^/(.*)/\z!) {
+      my $re = qr/$1/;
+      @ok = grep { ! /$re/ } @ok;
+    } else {
+      @ok = grep { $_ ne $k } @ok;
+    }
+  }
+  return { map {; $_ => $env->{$_} } @ok };
+}
+
+__PACKAGE__->meta->make_immutable;
+
+=head1 DIRECT SOCKET/NPH SCRIPTS
+
+This currently won't work:
+
+    #!/usr/bin/perl
+
+    use CGI ':standard';
+
+    $| = 1;
+
+    print header;
+
+    for (0..1000) {
+        print $_, br, "\n";
+        sleep 1;
+    }
+
+because the coderef is executed synchronously with C<STDOUT> pointing to a temp
+file.
+
 =head1 ACKNOWLEDGEMENTS
 
 Original development sponsored by L<http://www.altinity.com/>
@@ -210,10 +351,6 @@ Original development sponsored by L<http://www.altinity.com/>
 L<Catalyst::Controller::CGIBin>, L<CatalystX::GlobalContext>,
 L<Catalyst::Controller>, L<CGI>, L<Catalyst>
 
-=head1 AUTHOR
-
-Matt S. Trout, C<< <mst at shadowcat.co.uk> >>
-
 =head1 BUGS
 
 Please report any bugs or feature requests to C<bug-catalyst-controller-wrapcgi
@@ -246,9 +383,20 @@ L<http://search.cpan.org/dist/Catalyst-Controller-WrapCGI>
 
 =back
 
+=head1 AUTHOR
+
+Matt S. Trout C<< <mst at shadowcat.co.uk> >>
+
+=head1 CONTRIBUTORS
+
+Rafael Kitover C<< <rkitover at cpan.org> >>
+
+Hans Dieter Pearcey C<< <hdp at cpan.org> >>
+
 =head1 COPYRIGHT & LICENSE
 
-Copyright (c) 2008 Matt S. Trout
+Copyright (c) 2008-2009 L<Catalyst::Controller::WrapCGI/AUTHOR> and
+L<Catalyst::Controller::WrapCGI/CONTRIBUTORS>.
 
 This program is free software; you can redistribute it and/or modify it
 under the same terms as Perl itself.