Security Advisories (4)
CPANSA-Jifty-2011-01 (2011-03-17)

The path as passed in the fragment request data structure was used verbatim in the dispatcher and other locations. This possibly allowed requests to walk around ACLs by requesting '/some/safe/place/../../../dangerous' as a fragment.

CPANSA-Jifty-2009-01 (2009-04-09)

The REST plugin would let you call any method on the model.

CPANSA-Jifty-2008-01 (2009-04-08)

Allowed all actions on GET.

CPANSA-Jifty-2006-01 (2006-07-06)

Jifty did not protect users against a class of remote data access vulnerability. If an attacker knew the structure of your local filesystem and you were using the "standalone" webserver in production, the attacker could gain read-only access to local files.
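
The path-handling flaw described in CPANSA-Jifty-2011-01 comes from authorising one string and dispatching on another. The following is an added example, not Jifty's own code or its actual fix; the prefix list and all function names are hypothetical. It compares an ACL check on the verbatim path with one on the canonicalised path.

```perl
use strict;
use warnings;

# Hypothetical ACL: path prefixes a fragment request may reach (constructed).
my @ALLOWED_PREFIXES = ('/some/safe/place');

# Resolve "." and ".." segments. Returns nothing for relative paths,
# embedded NUL bytes, or paths that climb above the root.
sub canonical_path {
    my ($path) = @_;
    return unless defined $path && $path =~ m{^/};
    return if $path =~ /\0/;
    my @out;
    for my $seg (split m{/+}, $path) {
        next if $seg eq '' || $seg eq '.';
        if ($seg eq '..') {
            return unless @out;    # would escape the root
            pop @out;
            next;
        }
        push @out, $seg;
    }
    return '/' . join('/', @out);
}

# Match on whole segments so "/some/safe/placebo" is not covered by the prefix.
sub prefix_allows {
    my ($path) = @_;
    return scalar grep { $path eq $_ || index($path, "$_/") == 0 } @ALLOWED_PREFIXES;
}

# Weak: the ACL sees the raw string; a later stage resolves the "..".
sub allowed_verbatim { my ($raw) = @_; return prefix_allows($raw) ? 1 : 0 }

# Hardened: canonicalise once, then authorise and dispatch on that same value.
sub allowed_canonical {
    my ($raw) = @_;
    my $path = canonical_path($raw);
    return 0 unless defined $path;
    return prefix_allows($path) ? 1 : 0;
}

# Constructed sample requests, including the path quoted in the advisory.
for my $raw ('/some/safe/place/item',
             '/some/safe/place/../../../dangerous',
             '/some/safe/placebo') {
    printf "%-40s verbatim=%d canonical=%d\n",
        $raw, allowed_verbatim($raw), allowed_canonical($raw);
}
```

The canonical value, not the raw request string, is what should be handed on to the dispatcher, so that the ACL decision and the dispatch cannot disagree.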

NAME

Jifty::Request::Mapper - Maps response values into arbitrary query parameters

DESCRIPTION

Jifty::Request::Mapper is used to insert values into parameters that you can't know when you originally constructed the request. The prime example of this is a Create action to a View page -- where you can't know what ID to supply to the View page until after the Create action has run. This problem can be fixed by establishing a mapping between some part of the Jifty::Result of the Create action, and the ID query parameter.

METHODS

query_parameters HASH

Extended syntax for generating query parameters. This is used by Jifty::Web::Form::Clickable for its parameters argument, as well as for results of continuations.

Possible syntaxes for each key => value pair in the HASH are:

KEY => STRING

The simplest form -- the KEY will have the literal value of the STRING supplied.

KEY => { result => ACTION }

The KEY will take on the value of the content named KEY from the result of the ACTION. ACTION may either be a Jifty::Action object, or a moniker thereof.

KEY => { result => ACTION, name => STRING }

The KEY will take on the value of the content named STRING from the result of the ACTION. ACTION may either be a Jifty::Action object, or a moniker thereof.

KEY => { argument => ACTION }

The KEY will take on the value of the argument named KEY from the ACTION. ACTION may either be a Jifty::Action object, or a moniker thereof.

KEY => { argument => ACTION, name => STRING }

The KEY will take on the value of the argument named STRING from the ACTION. ACTION may either be a Jifty::Action object, or a moniker thereof.

result_of and argument_to are valid synonyms for result and argument, above.

map PARAMHASH

Responsible for doing the actual mapping that "query_parameters" above sets up. That is, it takes magical query parameters and extracts the values they were meant to have.

destination

The key from a query parameter

source

The value of a query parameter

request

The Jifty::Request object to pull action arguments from. Defaults to the current request.

response

The Jifty::Response object to pull results from. Defaults to the current response.

Returns a key => value pair.