/ 
libwww-perl-5.21
River stage four • 2384 direct dependents • 8176 total dependents
/ HTTP::Status
Security Advisories (4)
CPANSA-libwww-perl-2017-01 (2017-11-06)

LWP::Protocol::file can open existent file from file:// scheme. However, current version of LWP uses open FILEHANDLE,EXPR and it has ability to execute arbitrary command

CVE-2011-0633 (2011-01-20)

The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated.

CVE-2010-2253 (2010-07-06)

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

CPANSA-libwww-perl-2001-01 (2001-03-14)

If LWP::UserAgent::env_proxy is called in a CGI environment, the case-insensitivity when looking for "http_proxy" permits "HTTP_PROXY" to be found, but this can be trivially set by the web client using the "Proxy:" header.

NAME

HTTP::Status - HTTP Status code processing

SYNOPSIS

use HTTP::Status;

if ($rc != RC_OK) {
    print status_message($rc), "\n";
}

if (is_success($rc)) { ... }
if (is_error($rc)) { ... }
if (is_redirect($rc)) { ... }

DESCRIPTION

HTTP::Status is a library of routines for defining and classification of HTTP status codes for libwww-perl. Status codes are used to encode the overall outcome of a HTTP response message. Codes correspond to those defined in RFC 2068.

CONSTANTS

The following constant functions can be used as mnemonic status code names:

RC_CONTINUE				(100)
RC_SWITCHING_PROTOCOLS		(101)

RC_OK				(200)
RC_CREATED				(201)
RC_ACCEPTED				(202)
RC_NON_AUTHORITATIVE_INFORMATION	(203)
RC_NO_CONTENT			(204)
RC_RESET_CONTENT			(205)
RC_PARTIAL_CONTENT			(206)

RC_MULTIPLE_CHOICES			(300)
RC_MOVED_PERMANENTLY			(301)
RC_MOVED_TEMPORARILY			(302)
RC_SEE_OTHER				(303)
RC_NOT_MODIFIED			(304)
RC_USE_PROXY				(305)

RC_BAD_REQUEST			(400)
RC_UNAUTHORIZED			(401)
RC_PAYMENT_REQUIRED			(402)
RC_FORBIDDEN				(403)
RC_NOT_FOUND				(404)
RC_METHOD_NOT_ALLOWED		(405)
RC_NOT_ACCEPTABLE			(406)
RC_PROXY_AUTHENTICATION_REQUIRED	(407)
RC_REQUEST_TIMEOUT			(408)
RC_CONFLICT				(409)
RC_GONE				(410)
RC_LENGTH_REQUIRED			(411)
RC_PRECONDITION_FAILED		(412)
RC_REQUEST_ENTITY_TOO_LARGE		(413)
RC_REQUEST_URI_TOO_LARGE		(414)
RC_UNSUPPORTED_MEDIA_TYPE		(415)
RC_REQUEST_RANGE_NOT_SATISFIABLE     (416)

RC_INTERNAL_SERVER_ERROR		(500)
RC_NOT_IMPLEMENTED			(501)
RC_BAD_GATEWAY			(502)
RC_SERVICE_UNAVAILABLE		(503)
RC_GATEWAY_TIMEOUT			(504)
RC_HTTP_VERSION_NOT_SUPPORTED	(505)

FUNCTIONS

The following additional functions are provided. Most of them are exported by default.

status_message($code)

The status_message() function will translate status codes to human readable strings. The string is the same as found in the constant names above.

is_info($code)

Return TRUE if $code is an Informational status code.

is_success($code)

Return TRUE if $code is a Successful status code.

is_redirect($code)

Return TRUE if $code is a Redirection status code.

is_error($code)

Return TRUE if $code is an Error status code. The function return TRUE for both client error or a server error status codes.

is_client_error($code)

Return TRUE if $code is an Client Error status code. This function is not exported by default.

is_server_error($code)

Return TRUE if $code is an Server Error status code. This function is not exported by default.