Security Advisories (1)

CVE-2012-1102 (2021-07-09)

It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

NAME

XML::Atom::API - A client for the Atom API

SYNOPSIS

use XML::Atom::API;
use XML::Atom::Entry;
my $api = XML::Atom::API->new;
$api->introspect('http://www.my-weblog.com/atom');
$api->username('Melody');
$api->password('Nelson');

my $entry = XML::Atom::Entry->new;
$entry->title('New Post');
$entry->content('Content of my post.');
my $url = $api->createEntry($entry);

DESCRIPTION

XML::Atom::API implements a client for the Atom API described at http://bitworking.org/rfc/draft-gregorio-07.html, with the authentication scheme described at http://www.intertwingly.net/wiki/pie/DifferentlyAbledClients.

NOTE: the API, and particularly the authentication scheme, are still in flux.

USAGE

XML::Atom::API->new(%param)

$api->use_soap([ 0 | 1 ])

XML::Atom::API supports both the REST and SOAP-wrapper versions of the Atom API. By default, the REST version of the API will be used, but you can turn on the SOAP wrapper--for example, if you need to connect to a server that supports only the SOAP wrapper--by calling use_soap with a value of 1:

$api->use_soap(1);

If called without arguments, returns the current value of the flag.

$api->username([ $username ])

If called with an argument, sets the username for login to $username.

Returns the current username that will be used when logging in to the Atom server.

$api->password([ $password ])

If called with an argument, sets the password for login to $password.

Returns the current password that will be used when logging in to the Atom server.

$api->introspect($url)

$api->createEntry($entry)

Creates a new entry.

$entry must be an XML::Atom::Entry object.

$api->getEntry($url)

Retrieves the entry with the given URL $url.

Returns an XML::Atom::Entry object.

$api->updateEntry($url, $entry)

Updates the entry at URL $url with the entry $entry, which must be an XML::Atom::Entry object.

Returns true on success, false otherwise.

$api->deleteEntry($url)

Deletes the entry at URL $url.

$api->searchEntries

Retrieves a list of entries.

Returns a reference to an array of hash references, each with two keys: id, the URL for editing/retrieving the entry; and title, the title of the entry.

ERROR HANDLING

Methods return undef on error, and the error message can be retrieved using the errstr method.

AUTHOR & COPYRIGHT

Please see the XML::Atom manpage for author, copyright, and license information.

To install XML::Atom, copy and paste the appropriate command in to your terminal.

cpanm

cpanm XML::Atom

CPAN shell

perl -MCPAN -e shell
install XML::Atom

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)