Security Advisories (2)
CPANSA-Jifty-2011-01 (2011-03-17)

The path as passed in the fragment request data structure was used verbatim in the dispatcher and other locations. This possibly allowed requests to walk around ACLs by requesting '/some/safe/place/../../../dangerous' as a fragment.

CPANSA-Jifty-2009-01 (2009-04-09)

The REST plugin would let you call any method on the model.
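The check that CPANSA-Jifty-2011-01 calls for, as an added example that is not Jifty's code or its actual fix: resolve the path lexically before the ACL decision, and pass that resolved form onward. The prefix table, function names and sample paths are hypothetical.

```perl
#!/usr/bin/env perl
# Added example: canonicalize a fragment path before any ACL decision.
# The ACL table, function names and sample paths are constructed for illustration.
use strict;
use warnings;

# Hypothetical ACL: path prefixes that unprivileged requests may reach.
my @PUBLIC_PREFIXES = ('/some/safe/place');

# Resolve '.', '..' and empty segments lexically. Returns undef when the
# path is not absolute or tries to climb above the root.
sub canonical_path {
    my ($path) = @_;
    return unless defined $path && $path =~ m{^/};
    my @out;
    for my $seg (split m{/+}, $path) {
        next if $seg eq '' || $seg eq '.';
        if ($seg eq '..') {
            return unless @out;    # would escape the root
            pop @out;
            next;
        }
        push @out, $seg;
    }
    return '/' . join('/', @out);
}

# True when $path is a listed prefix or sits below one.
sub prefix_allows {
    my ($path) = @_;
    return scalar grep { $path eq $_ || index($path, "$_/") == 0 } @PUBLIC_PREFIXES;
}

# Behaviour described in the advisory: the ACL sees the path verbatim.
sub allowed_verbatim { return prefix_allows($_[0]) ? 1 : 0 }

# Hardened: decide on the canonical form and return it for later use.
sub allowed_canonical {
    my $canon = canonical_path($_[0]);
    return (0, undef) unless defined $canon;
    return (prefix_allows($canon) ? 1 : 0, $canon);
}

for my $p ('/some/safe/place/widget',
           '/some/safe/place/../../../dangerous',
           '/some/safe/place/../place/widget') {
    my ($ok, $canon) = allowed_canonical($p);
    printf "%-40s verbatim=%d canonical=%d (%s)\n",
        $p, allowed_verbatim($p), $ok, defined $canon ? $canon : 'rejected';
}
```

The second sample path passes the verbatim prefix check but resolves to '/dangerous', which the canonical check denies.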

init

init installs the triggers needed around each HTTP request.

before_request

This trigger sets up Devel::Events to instrument bless and free so it can keep track of all the objects created and destroyed in this request.

after_request

This extracts all the data gathered by Devel::Events and puts it into the global @Jifty::Plugin::LeakTracker::requests, so that the LeakTracker dispatcher and views can query it to build reports.

NAME

Jifty::Plugin::LeakTracker

DESCRIPTION

Memory leak detection and reporting for your Jifty app.

USAGE

Add the following to your site_config.yml:

framework:
  Plugins:
    - LeakTracker: {}

This makes the following URLs available:

View the top-level leak report (how much each request has leaked)

http://your.app/leaks

View the top-level leak report, including zero-leak requests

http://your.app/leaks/all

View an individual request's detailed leak report (which objects were leaked)

http://your.app/leaks/3

WARNING

If you use this in production, be sure to block off 'leaks' from non-administrators. The reports expose the full Data::Dumper output of the leaked objects, which may contain sensitive information.

SEE ALSO

Jifty::Plugin::LeakTracker::View, Jifty::Plugin::LeakTracker::Dispatcher

COPYRIGHT AND LICENSE

Copyright 2007 Best Practical Solutions

This is free software and may be modified and distributed under the same terms as Perl itself.