Group :: Development/Perl
RPM: perl-LWPx-ParanoidAgent
Navigation
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
%define _unpackaged_files_terminate_build 1
#
# - LWPx::ParanoidAgent -
# This spec file was automatically generated by cpan2rpm [ver: 2.027]
# (ALT Linux revision)
# The following arguments were used:
# LWPx::ParanoidAgent
# For more information on cpan2rpm please visit: http://perl.arix.com/
#
%define module LWPx-ParanoidAgent
%define m_distro LWPx-ParanoidAgent
%define m_name LWPx::ParanoidAgent
%define m_author_id BRADFITZ
%define _disable_test 1
Name: perl-LWPx-ParanoidAgent
Version: 1.12
Release: alt1
Summary: subclass of LWP::UserAgent that protects you from harm
License: Artistic
Group: Development/Perl
Url: http://www.annocpan.org/dist/%m_distro
Packager: Vitaly Lipatov <lav at altlinux.ru>
BuildArch: noarch
Source: http://www.cpan.org/authors/id/S/SA/SAXJAZMAN/lwp/LWPx-ParanoidAgent-%{version}.tar.gz
# Automatically added by buildreq on Sat Nov 07 2009
BuildRequires: perl-Net-DNS perl-devel perl-libwww
%description
The "LWPx::ParanoidAgent" is a class subclassing "LWP::UserAgent",
but paranoid against attackers. It's to be used when you're fetching
a remote resource on behalf of a possibly malicious user.
This class can do whatever "LWP::UserAgent" can (callbacks, uploads from
files, etc), except proxy support is explicitly removed, because in
that case you should do your paranoia at your proxy.
Also, the schemes are limited to http and https, which are mapped to
"LWPx::Protocol::http_paranoid" and
"LWPx::Protocol::https_paranoid", respectively, which are forked
versions of the same ones without the "_paranoid". Subclassing them
didn't look possible, as they were essentially just one huge function.
This class protects you from connecting to internal IP ranges (unless you
whitelist them), hostnames/IPs that you blacklist, remote webserver
tarpitting your process (the timeout parameter is changed to be a global
timeout over the entire process), and all combinations of redirects and
DNS tricks to otherwise tarpit and/or connect to internal resources.
%prep
%setup -q -n %m_distro-%version
%build
%perl_vendor_build
%install
%perl_vendor_install
rm -rf %buildroot%perl_vendor_man3dir/
%files
%doc ChangeLog
%perl_vendor_privlib/LWPx/
%changelog
…
Full changelog you can see here
#
# - LWPx::ParanoidAgent -
# This spec file was automatically generated by cpan2rpm [ver: 2.027]
# (ALT Linux revision)
# The following arguments were used:
# LWPx::ParanoidAgent
# For more information on cpan2rpm please visit: http://perl.arix.com/
#
%define module LWPx-ParanoidAgent
%define m_distro LWPx-ParanoidAgent
%define m_name LWPx::ParanoidAgent
%define m_author_id BRADFITZ
%define _disable_test 1
Name: perl-LWPx-ParanoidAgent
Version: 1.12
Release: alt1
Summary: subclass of LWP::UserAgent that protects you from harm
License: Artistic
Group: Development/Perl
Url: http://www.annocpan.org/dist/%m_distro
Packager: Vitaly Lipatov <lav at altlinux.ru>
BuildArch: noarch
Source: http://www.cpan.org/authors/id/S/SA/SAXJAZMAN/lwp/LWPx-ParanoidAgent-%{version}.tar.gz
# Automatically added by buildreq on Sat Nov 07 2009
BuildRequires: perl-Net-DNS perl-devel perl-libwww
%description
The "LWPx::ParanoidAgent" is a class subclassing "LWP::UserAgent",
but paranoid against attackers. It's to be used when you're fetching
a remote resource on behalf of a possibly malicious user.
This class can do whatever "LWP::UserAgent" can (callbacks, uploads from
files, etc), except proxy support is explicitly removed, because in
that case you should do your paranoia at your proxy.
Also, the schemes are limited to http and https, which are mapped to
"LWPx::Protocol::http_paranoid" and
"LWPx::Protocol::https_paranoid", respectively, which are forked
versions of the same ones without the "_paranoid". Subclassing them
didn't look possible, as they were essentially just one huge function.
This class protects you from connecting to internal IP ranges (unless you
whitelist them), hostnames/IPs that you blacklist, remote webserver
tarpitting your process (the timeout parameter is changed to be a global
timeout over the entire process), and all combinations of redirects and
DNS tricks to otherwise tarpit and/or connect to internal resources.
%prep
%setup -q -n %m_distro-%version
%build
%perl_vendor_build
%install
%perl_vendor_install
rm -rf %buildroot%perl_vendor_man3dir/
%files
%doc ChangeLog
%perl_vendor_privlib/LWPx/
%changelog
…
Full changelog you can see here