Security Advisories (13)

CPANSA-Mojolicious-2022-03 (2022-12-10)

Mojo::DOM did not correctly parse <script> tags.

CPANSA-Mojolicious-2021-02 (2021-06-01)

Small sessions could be used as part of a brute-force attack to decode the session secret.

CVE-2021-47208 (2021-03-16)

A bug in format detection can potentially be exploited for a DoS attack.

CVE-2018-25100 (2018-02-13)

Mojo::UserAgent::CookieJar leaks old cookies because of the missing host_only flag on empty domain.

CPANSA-Mojolicious-2015-01 (2015-02-02)

Directory traversal on Windows.

CVE-2010-4802 (2011-05-03)

Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.

CPANSA-Mojolicious-2018-03 (2018-05-19)

Mojo::UserAgent was not checking peer SSL certificates by default.

CPANSA-Mojolicious-2018-02 (2018-05-11)

GET requests with embedded backslashes can be used to access local files on Windows hosts.

CPANSA-Mojolicious-2014-01 (2014-10-07)

Context sensitivity of method param could lead to parameter injection attacks.

CVE-2011-1841 (2011-03-10)

Mojolicious is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by link_to helper. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

CVE-2011-1589 (2011-04-05)

Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.

CVE-2010-4803 (2011-05-03)

Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.

CVE-2011-1841 (2011-05-03)

Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
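
CVE-2011-1589 (encoded `%2f..%2f`) and CPANSA-Mojolicious-2018-02 (embedded backslashes) both involve path separators that a check on the raw request path does not see. The following is an added example, not Mojolicious code, of a static-file path check that decodes before it validates; `safe_relative_path` and the sample paths are hypothetical and constructed for illustration.

```perl
use strict;
use warnings;

# Hypothetical helper (not part of Mojolicious): turn a raw request path into
# a relative path that cannot leave the document root, or return undef.
sub safe_relative_path {
    my ($raw) = @_;

    # Decode percent-escapes first, so "%2f" and "%5c" become separators
    # before any check looks at the path.
    (my $path = $raw) =~ s/%([0-9A-Fa-f]{2})/chr hex $1/ge;

    # Reject NUL bytes and escapes that survive one decoding pass
    # (double encoding such as "%252e").
    return if $path =~ /\0/ || $path =~ /%[0-9A-Fa-f]{2}/;

    # Windows accepts "\" as a separator, so treat it like "/".
    $path =~ tr{\\}{/};

    my @clean;
    for my $segment (split m{/+}, $path) {
        next if $segment eq '' || $segment eq '.';
        return if $segment eq '..';           # no parent traversal
        return if $segment =~ /^[A-Za-z]:/;   # no Windows drive letters
        push @clean, $segment;
    }
    return join '/', @clean;
}

# Constructed sample request paths.
my @samples = (
    '/css/site.css',
    '/a/./b//c.txt',
    '/%2f..%2fetc/passwd',
    '/..%5c..%5cboot.ini',
    '/%252e%252e/secret',
);

for my $raw (@samples) {
    my $safe = safe_relative_path($raw);
    printf "%-24s => %s\n", $raw, defined $safe ? "serve '$safe'" : 'reject';
}
```

The first two samples are served as `css/site.css` and `a/b/c.txt`; the remaining three are rejected.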

NAME

Mojo::Message - HTTP 1.1 Message Base Class

SYNOPSIS

use base 'Mojo::Message';

DESCRIPTION

Mojo::Message is an abstract base class for HTTP 1.1 messages.

ATTRIBUTES

Mojo::Message inherits all attributes from Mojo::Stateful and implements the following new ones.

body_cb

my $cb = $message->body_cb;

my $counter = 1;
$message = $message->body_cb(sub {
    my $self  = shift;
    my $chunk = '';
    $chunk    = "hello world!" if $counter == 1;
    $chunk    = "hello world2!\n\n" if $counter == 2;
    $counter++;
    return $chunk;
});

buffer

my $buffer = $message->buffer;
$message   = $message->buffer(Mojo::ByteStream->new);

content

my $content = $message->content;
$message    = $message->content(Mojo::Content::Single->new);

default_charset

my $charset = $message->default_charset;
$message    = $message->default_charset('UTF-8');

headers

my $headers = $message->headers;
$message    = $message->headers(Mojo::Headers->new);

major_version

my $major_version = $message->major_version;
$message          = $message->major_version(1);

minor_version

my $minor_version = $message->minor_version;
$message          = $message->minor_version(1);

progress_cb

my $cb   = $message->progress_cb;
$message = $message->progress_cb(sub {
    my $self = shift;
    print '+';
});

METHODS

Mojo::Message inherits all methods from Mojo::Stateful and implements the following new ones.

at_least_version

my $success = $message->at_least_version('1.1');

body

my $string = $message->body;
$message   = $message->body('Hello!');

my $counter = 1;
$message = $message->body(sub {
    my $self  = shift;
    my $chunk = '';
    $chunk    = "hello world!" if $counter == 1;
    $chunk    = "hello world2!\n\n" if $counter == 2;
    $counter++;
    return $chunk;
});

body_params

my $params = $message->body_params;

body_size

my $size = $message->body_size;

to_string

build

my $string = $message->build;

build_body

my $string = $message->build_body;

build_headers

my $string = $message->build_headers;

build_start_line

my $string = $message->build_start_line;

cookie

my $cookie  = $message->cookie('foo');
my @cookies = $message->cookie('foo');

fix_headers

$message = $message->fix_headers;

get_body_chunk

my $string = $message->get_body_chunk($offset);

get_header_chunk

my $string = $message->get_header_chunk($offset);

get_start_line_chunk

my $string = $message->get_start_line_chunk($offset);

has_leftovers

my $leftovers = $message->has_leftovers;

header_size

my $size = $message->header_size;

is_chunked

my $chunked = $message->is_chunked;

is_multipart

my $multipart = $message->is_multipart;

leftovers

my $bytes = $message->leftovers;

param

my $param  = $message->param('foo');
my @params = $message->param('foo');

parse

$message = $message->parse('HTTP/1.1 200 OK...');

parse_until_body

$message = $message->parse_until_body('HTTP/1.1 200 OK...');

start_line_size

my $size = $message->start_line_size;

upload

my $upload  = $message->upload('foo');
my @uploads = $message->upload('foo');

uploads

my $uploads = $message->uploads;

version

my $version = $message->version;
$message    = $message->version('1.1');

SEE ALSO

Mojolicious, Mojolicious::Book, http://mojolicious.org.