Redirecting via LWP

Discussion in 'Perl Misc' started by Bigus, Sep 1, 2003.

  1. Bigus

    Bigus Guest

    Hi

    I've written a script which performs some background authentication to
    control access to a files directory on the web server. The final action in
    the script, assuming the user authenticates correctly, is to take them to
    the files directory. I do this with LWP.

    However, when they then go to click on a file it looks for it in the
    cgi-bin, which of course is not where it is! How can I make it so that the
    browser thinks it's in the intended directory rather than the cgi-bin?

    Thanks

    Bigus
    Bigus, Sep 1, 2003
    #1
    1. Advertising

  2. Bigus

    Bigus Guest

    "Bigus" <> wrote in message
    news:bivnb6$...
    > Hi
    >
    > I've written a script which performs some background authentication to
    > control access to a files directory on the web server. The final action in
    > the script, assuming the user authenticates correctly, is to take them to
    > the files directory. I do this with LWP.
    >
    > However, when they then go to click on a file it looks for it in the
    > cgi-bin, which of course is not where it is! How can I make it so that the
    > browser thinks it's in the intended directory rather than the cgi-bin?


    For info, here's the sub that does the redirect bit:

    sub gotofilearea()
    {
    $url = "http://mydomain.com/files/$listname/";
    use LWP::UserAgent;
    $ua = new LWP::UserAgent;
    $req = HTTP::Request->new(GET => $url);
    $req->authorization_basic("$listname", "password");
    $resp = $ua->request($req);
    $response = $resp->content;
    print "Content-type:text/html\n\n";
    print $response;
    exit;
    }

    Bigus
    Bigus, Sep 1, 2003
    #2
    1. Advertising

  3. On Mon, 1 Sep 2003 16:40:54 +0100
    "Bigus" <> wrote:
    > "Bigus" <> wrote in message
    > news:bivnb6$...
    > > I've written a script which performs some background
    > > authentication to control access to a files directory on the web
    > > server. The final action in the script, assuming the user
    > > authenticates correctly, is to take them to the files directory. I
    > > do this with LWP.
    > >
    > > However, when they then go to click on a file it looks for it in
    > > the cgi-bin, which of course is not where it is! How can I make it
    > > so that the browser thinks it's in the intended directory rather
    > > than the cgi-bin?

    >
    > For info, here's the sub that does the redirect bit:
    >
    > sub gotofilearea()
    > {
    > $url = "http://mydomain.com/files/$listname/";
    > use LWP::UserAgent;
    > $ua = new LWP::UserAgent;
    > $req = HTTP::Request->new(GET => $url);
    > $req->authorization_basic("$listname", "password");
    > $resp = $ua->request($req);
    > $response = $resp->content;
    > print "Content-type:text/html\n\n";
    > print $response;
    > exit;
    > }


    Because you're _not_ storing a file - you're printing the results from
    your 'GET'. So, you'll have to use a method that will store the
    results. One method is to do the following (I don't recommend doing
    it, though - read more about your web server and security).

    ==example & untested==
    open(FILE, '/some/directory/filename')
    or die "Can't open file\n"; #no "$!", because the use doesn't need
    #to know why the file can not
    #be written;
    #see comment above
    print FILE $result;
    close FILE;
    ==example & untested==

    Read some more about LWP, HTTP::Request, and your own web server,
    because there are other ways to do it that are more secure and easier.

    HTH
    --
    Jim
    ---
    Copyright notice: all code written by the author in this post is
    considered GPL. http://gnu.org for more information.
    ---
    a real quote ...
    Linus Torvalids: "They are somking crack ...."
    (http://www.eweek.com/article2/0,3959,1227150,00.asp)
    ---
    a fortune quote ...
    You do not have mail.
    James Willmore, Sep 1, 2003
    #3
  4. On Mon, 01 Sep 2003 17:27:50 GMT
    James Willmore <> wrote:
    > ==example & untested==
    > open(FILE, '/some/directory/filename')
    > or die "Can't open file\n"; #no "$!", because the use doesn't

    Should be:
    or die "Can't open file\n"; #no "$!", because the user doesn't

    And, after reading the OP a second time, you mention that the user is
    being redirected back at some point to the cgi-bin directory. You're
    geting a listing in the cgi-bin directory? If so ... _VERY_ bad.
    Read some more about your web server and security. Users, on a
    production system, should _not_ be able to see the directory contents
    in the cgi-bin directory - EVER. It is a security risk that you
    _should_ be unwilling to take.

    HTH
    --
    Jim
    ---
    Copyright notice: all code written by the author in this post is
    considered GPL. http://gnu.org for more information.
    ---
    a real quote ...
    Linus Torvalids: "They are somking crack ...."
    (http://www.eweek.com/article2/0,3959,1227150,00.asp)
    ---
    a fortune quote ...
    The District of Columbia has a law forbidding you to exert
    pressure on a balloon and thereby cause a whistling sound on the
    streets.
    James Willmore, Sep 1, 2003
    #4
  5. Bigus

    Bigus Guest

    "James Willmore" <> wrote in message
    > Because you're _not_ storing a file - you're printing the results from
    > your 'GET'. So, you'll have to use a method that will store the
    > results. One method is to do the following (I don't recommend doing
    > it, though - read more about your web server and security).
    >
    > ==example & untested==
    > open(FILE, '/some/directory/filename')
    > or die "Can't open file\n"; #no "$!", because the use doesn't need
    > #to know why the file can not
    > #be written;
    > #see comment above
    > print FILE $result;
    > close FILE;
    > ==example & untested==
    >
    > Read some more about LWP, HTTP::Request, and your own web server,
    > because there are other ways to do it that are more secure and easier.


    I'm not storing a file, no.. the directory I want the user to end up in is
    displayed via Apache's directory listing feature.. ie: there is no html page
    in that directory. If I have to start creating & storing temp files then it
    could be a bit of a pain. There are about a thousand directories that will
    be handled by this script.

    Can anyone give me any further pointers on what to search for?

    Thanks

    Bigus
    Bigus, Sep 1, 2003
    #5
  6. Bigus

    Bigus Guest

    "James Willmore" <> wrote in message
    news:...
    > On Mon, 01 Sep 2003 17:27:50 GMT
    > James Willmore <> wrote:
    > > ==example & untested==
    > > open(FILE, '/some/directory/filename')
    > > or die "Can't open file\n"; #no "$!", because the use doesn't

    > Should be:
    > or die "Can't open file\n"; #no "$!", because the user doesn't
    >
    > And, after reading the OP a second time, you mention that the user is
    > being redirected back at some point to the cgi-bin directory. You're
    > geting a listing in the cgi-bin directory?


    No, they are just getting "cannot find file" or words to that effect.

    Bigus
    Bigus, Sep 1, 2003
    #6
  7. On Mon, 1 Sep 2003 18:41:57 +0100
    "Bigus" <> wrote:
    > I'm not storing a file, no.. the directory I want the user to end up
    > in is displayed via Apache's directory listing feature.. ie: there
    > is no html page in that directory. If I have to start creating &
    > storing temp files then it could be a bit of a pain. There are about
    > a thousand directories that will be handled by this script.
    >
    > Can anyone give me any further pointers on what to search for?


    Why are you using LWP in a CGI script? If you are using Apache's
    directory listing, what are you listing, if not files? What exactly
    are you tring to do?

    In your OP, you wanted to do redirection. Then why not
    1) use the CGI module's redirect method
    2) simply print the proper header (print "Location: <new URL>\n\n";)

    This way, all you need to concern yourself with is getting the user to
    the right place - allowing Apache to do the authentication (as you
    were trying to do with LWP).

    I guess I'm at a loss to see exactly what you're trying to accomplish
    if none of the above makes sense.

    HTH
    --
    Jim
    ---
    Copyright notice: all code written by the author in this post is
    considered GPL. http://gnu.org for more information.
    ---
    a real quote ...
    Linus Torvalids: "They are somking crack ...."
    (http://www.eweek.com/article2/0,3959,1227150,00.asp)
    ---
    a fortune quote ...
    I am more bored than you could ever possibly be. Go back to
    work.
    James Willmore, Sep 1, 2003
    #7
  8. In article <bivpab$>,
    "Bigus" <> wrote:

    > "Bigus" <> wrote in message
    > news:bivnb6$...
    > > Hi
    > >
    > > I've written a script which performs some background authentication to
    > > control access to a files directory on the web server. The final action in
    > > the script, assuming the user authenticates correctly, is to take them to
    > > the files directory. I do this with LWP.
    > >
    > > However, when they then go to click on a file it looks for it in the
    > > cgi-bin, which of course is not where it is! How can I make it so that the
    > > browser thinks it's in the intended directory rather than the cgi-bin?

    >
    > For info, here's the sub that does the redirect bit:
    >
    > sub gotofilearea()
    > {
    > $url = "http://mydomain.com/files/$listname/";
    > use LWP::UserAgent;
    > $ua = new LWP::UserAgent;
    > $req = HTTP::Request->new(GET => $url);
    > $req->authorization_basic("$listname", "password");
    > $resp = $ua->request($req);
    > $response = $resp->content;
    > print "Content-type:text/html\n\n";
    > print $response;
    > exit;
    > }
    >
    > Bigus
    >
    >


    look into the <base href="..."> html tag, then do this:

    $response = $resp->content;
    $response =~
    s{(</head>)}{<base href="http://mydomain.com/files/$listname/">$1}i;

    it's what i do and it works like a champ.
    --
    Michael Budash
    Michael Budash, Sep 2, 2003
    #8
  9. Bigus

    Bigus Guest

    "James Willmore" <> wrote in message
    news:...
    > On Mon, 1 Sep 2003 18:41:57 +0100
    > "Bigus" <> wrote:
    > > I'm not storing a file, no.. the directory I want the user to end up
    > > in is displayed via Apache's directory listing feature.. ie: there
    > > is no html page in that directory. If I have to start creating &
    > > storing temp files then it could be a bit of a pain. There are about
    > > a thousand directories that will be handled by this script.
    > >
    > > Can anyone give me any further pointers on what to search for?

    >
    > Why are you using LWP in a CGI script? If you are using Apache's
    > directory listing, what are you listing, if not files? What exactly
    > are you tring to do?


    Well, you've solved it for me (see below), but just for the sake of
    completeness, as I evidently didn't explain what I was doing very well -
    basically, each directory is a file area associated with a Listserv mailing
    list. The directory is password protected by an Apache htaccess file to stop
    users typing a URL and getting there directly. My CGI script makes them log
    into Listserv and checks to make sure they are a subscriber (or a site
    administrator) to the mailing list that they are trying to access the file
    area of. If they pass those checks the script takes them to the file area,
    automatically dealing with the Apache authentication.

    > In your OP, you wanted to do redirection. Then why not
    > 1) use the CGI module's redirect method
    > 2) simply print the proper header (print "Location: <new URL>\n\n";)


    That worked! I love simple solutions, and that helped fill in a gap in my
    knowledge of something that I should probably know by now :)

    Many thanks

    Bigus
    Bigus, Sep 2, 2003
    #9
  10. Bigus

    Bigus Guest

    "Bigus" <> wrote in message
    news:bj1pq3$...
    > "James Willmore" <> wrote in message
    > news:...
    > > On Mon, 1 Sep 2003 18:41:57 +0100
    > > "Bigus" <> wrote:
    > > > I'm not storing a file, no.. the directory I want the user to end up
    > > > in is displayed via Apache's directory listing feature.. ie: there
    > > > is no html page in that directory. If I have to start creating &
    > > > storing temp files then it could be a bit of a pain. There are about
    > > > a thousand directories that will be handled by this script.
    > > >
    > > > Can anyone give me any further pointers on what to search for?

    > >
    > > Why are you using LWP in a CGI script? If you are using Apache's
    > > directory listing, what are you listing, if not files? What exactly
    > > are you tring to do?

    >
    > Well, you've solved it for me (see below), but just for the sake of
    > completeness, as I evidently didn't explain what I was doing very well -
    > basically, each directory is a file area associated with a Listserv

    mailing
    > list. The directory is password protected by an Apache htaccess file to

    stop
    > users typing a URL and getting there directly. My CGI script makes them

    log
    > into Listserv and checks to make sure they are a subscriber (or a site
    > administrator) to the mailing list that they are trying to access the file
    > area of. If they pass those checks the script takes them to the file area,
    > automatically dealing with the Apache authentication.
    >
    > > In your OP, you wanted to do redirection. Then why not
    > > 1) use the CGI module's redirect method
    > > 2) simply print the proper header (print "Location: <new URL>\n\n";)

    >
    > That worked!


    Actually, it didn't work.. doh! The line:

    print "Location: http://$listname:$password\@$host/files/$listname/\n\n";

    Causes the Apache password dialog box to come up, even though $listname and
    $password are absolutely definitely correct.

    Any ideas?

    Thanks

    Bigus
    Bigus, Sep 2, 2003
    #10
  11. Bigus

    Bigus Guest

    "Michael Budash" <> wrote in message
    news:...

    > look into the <base href="..."> html tag, then do this:
    >
    > $response = $resp->content;
    > $response =~
    > s{(</head>)}{<base href="http://mydomain.com/files/$listname/">$1}i;
    >
    > it's what i do and it works like a champ.


    Thanks.. this does work and is what I've employed for now, although it is a
    browser dependant solution. Having said that, I checked a compatibility
    chart and it seems <base href..> is supported by pretty much every browser
    since the dawn of time :)

    Regards
    Bigus
    Bigus, Sep 3, 2003
    #11
  12. In article <bj47pd$>,
    "Bigus" <> wrote:

    > "Michael Budash" <> wrote in message
    > news:...
    >
    > > look into the <base href="..."> html tag, then do this:
    > >
    > > $response = $resp->content;
    > > $response =~
    > > s{(</head>)}{<base href="http://mydomain.com/files/$listname/">$1}i;
    > >
    > > it's what i do and it works like a champ.

    >
    > Thanks.. this does work and is what I've employed for now, although it is a
    > browser dependant solution. Having said that, I checked a compatibility
    > chart and it seems <base href..> is supported by pretty much every browser
    > since the dawn of time :)


    glad it works for you. (btw - i wouldn't've suggested it as a solution
    unless i was pretty darn sure it would work with most or all modern
    browsers...)


    --
    Michael Budash
    Michael Budash, Sep 3, 2003
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. darrel
    Replies:
    5
    Views:
    431
    =?Utf-8?B?S2VubmV0aCBQ?=
    Dec 11, 2004
  2. Gerry Hickman
    Replies:
    2
    Views:
    1,491
    Gerry Hickman
    Dec 14, 2005
  3. Replies:
    3
    Views:
    748
    Chris Dollin
    Aug 31, 2005
  4. Mark Mykkanen

    LWP - Upload via HTTP POST

    Mark Mykkanen, Jul 2, 2003, in forum: Perl Misc
    Replies:
    1
    Views:
    360
    J. Gleixner
    Jul 2, 2003
  5. schruthensis
    Replies:
    18
    Views:
    778
    Matt Garrish
    Jan 7, 2006
Loading...

Share This Page