/ 
Mojolicious-9.42
River stage four • 1019 direct dependents • 1130 total dependents
⭐ Starred 2674 GitHub stars
/ Mojolicious::Routes
Security Advisories (2)
CVE-2024-58134 (2025-05-03)

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default. These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user's session.

CVE-2024-58135 (2025-05-03)

Mojolicious versions from 7.28 for Perl may generate weak HMAC session secrets. When creating a default app with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.

NAME

Mojolicious::Routes - Always find your destination with routes

SYNOPSIS

use Mojolicious::Routes;

# Simple route
my $r = Mojolicious::Routes->new;
$r->any('/')->to(controller => 'blog', action => 'welcome');

# More advanced routes
my $blog = $r->under('/blog');
$blog->get('/list')->to('blog#list');
$blog->get('/:id' => [id => qr/\d+/])->to('blog#show', id => 23);
$blog->patch(sub ($c) { $c->render(text => 'Go away!', status => 405) });

DESCRIPTION

Mojolicious::Routes is the core of the Mojolicious web framework.

See Mojolicious::Guides::Routing for more.

TYPES

These placeholder types are available by default.

num

$r->get('/article/<id:num>');

Placeholder value needs to be a non-fractional number, similar to the regular expression ([0-9]+).

ATTRIBUTES

Mojolicious::Routes inherits all attributes from Mojolicious::Routes::Route and implements the following new ones.

base_classes

my $classes = $r->base_classes;
$r          = $r->base_classes(['MyApp::Controller']);

Base classes used to identify controllers, defaults to Mojolicious::Controller and Mojolicious.

cache

my $cache = $r->cache;
$r        = $r->cache(Mojo::Cache->new);

Routing cache, defaults to a Mojo::Cache object.

conditions

my $conditions = $r->conditions;
$r             = $r->conditions({foo => sub {...}});

Contains all available conditions.

namespaces

my $namespaces = $r->namespaces;
$r             = $r->namespaces(['MyApp::Controller', 'MyApp']);

Namespaces to load controllers from.

# Add another namespace to load controllers from
push @{$r->namespaces}, 'MyApp::MyController';

shortcuts

my $shortcuts = $r->shortcuts;
$r            = $r->shortcuts({foo => sub {...}});

Contains all available shortcuts.

types

my $types = $r->types;
$r        = $r->types({lower => qr/[a-z]+/});

Registered placeholder types, by default only "num" is already defined.

METHODS

Mojolicious::Routes inherits all methods from Mojolicious::Routes::Route and implements the following new ones.

add_condition

$r = $r->add_condition(foo => sub ($route, $c, $captures, $arg) {...});

Register a condition.

$r->add_condition(foo => sub ($route, $c, $captures, $arg) {
  ...
  return 1;
});

add_shortcut

$r = $r->add_shortcut(foo => sub ($route, @args) {...});

Register a shortcut.

$r->add_shortcut(foo => sub ($route, @args) {...});

add_type

$r = $r->add_type(foo => qr/\w+/);
$r = $r->add_type(foo => ['bar', 'baz']);

Register a placeholder type.

$r->add_type(lower => qr/[a-z]+/);

continue

$r->continue(Mojolicious::Controller->new);

Continue dispatch chain and emit the hook "around_action" in Mojolicious for every action.

dispatch

my $bool = $r->dispatch(Mojolicious::Controller->new);

Match routes with "match" and dispatch with "continue".

lookup

my $route = $r->lookup('foo');

Find route by name with "find" in Mojolicious::Routes::Route and cache all results for future lookups.

match

$r->match(Mojolicious::Controller->new);

Match routes with Mojolicious::Routes::Match.

SEE ALSO

Mojolicious, Mojolicious::Guides, https://mojolicious.org.