/ 
Jifty-0.60505
Security Advisories (4)
CPANSA-Jifty-2011-01 (2011-03-17)

The path as passed in the fragment request data structure was used verbatim in the dispatcher and other locations. This possibly allowed requests to walk around ACLs by requesting '/some/safe/place/../../../dangerous' as a fragment.

CPANSA-Jifty-2009-01 (2009-04-09)

The REST plugin would let you call any method on the model.

CPANSA-Jifty-2008-01 (2009-04-08)

Allowed all actions on GET.

CPANSA-Jifty-2006-01 (2006-07-06)

Jifty did not protect users against a class of remote data access vulnerability. If an attacker knew the structure of your local filesystem and you were using the "standalone" webserver in production, the attacker could gain read only access to local files.

Changes for version 0.60505

  • Native support for times and timezones.
  • Bug fixes (Many contributors)
  • Documentation updates (Many contributors)
  • Win32 Support (Audrey Tang)
  • New Session layer based on Jifty instead of Apache::Session. Designed for AJAX and Continations (alexmv)
  • Jifty internal metadata store (The begining of an internal configuration management system (alexmv)
  • Form fields no longer automatically insert the field name by itself as a class. Instead, the class has changed to "argument-<fieldname>" to avoid conflicts with generic class names (such as date).
  • Move allow and deny'ing of actions into Jifty::API; this breaks backwards compatibility.
  • Don't allow applications to be named "Jifty" by default. They are forced to be named "JiftyApp" now, for namespace reasons.
  • Remove Jifty->web->actions method; you should be using Jifty::Form's actions method.
  • Beginning of localization support.
  • Notifications can now take a user object or an email address
  • "sort order for arguments" patch, as suggested by miyagawa. This makes use of sort_order column property of Jifty::DBI
  • YAML -> Jifty::YAML
  • Switch from Time::ParseDate to Date::Manip, since the former isn't win32 compatible
  • Shuffle the Mason and static handlers into Jifty::View namespace
  • Jifty no longer attempts to AJAX submit file upload fields
  • We no longer write DefaultStaticRoot and DefaultTemplateRoot into config files
  • Added a "LogLevel" option to the Jifty config file, so you can more easily enable debug logging.

Documentation

Jifty::Manual::AccessControl
Jifty::Manual::Glossary
Jifty::Manual::ObjectModel
An overview of the Jifty object model
Jifty::Manual::Tutorial
Zero to Jifty in a Jiffy
Jifty::Manual::Tutorial_ja

Modules

Jifty
Just Do It
Jifty::API
Manages and allow reflection on the Jifty::Actions that make up a Jifty application's API
Jifty::Action
The ability to Do Things in the framework
Jifty::Action::Autocomplete
Jifty::Action::Devel::FileEditor
Jifty::Action::Record
An action tied to a record in the database.
Jifty::Action::Record::Create
Automagic creation action
Jifty::Action::Record::Delete
Automagic delete action
Jifty::Action::Record::Update
Automagic update action
Jifty::Action::Redirect
Redirect the browser
Jifty::Bootstrap
Insert initial data into your database
Jifty::ClassLoader
Loads the application classes
Jifty::Collection
Collection of Jifty::Record objects
Jifty::Config
wrap a jifty configuration file
Jifty::Continuation
Allows for basic continuation-based programming
Jifty::CurrentUser
Jifty::DateTime
a DateTime subclass that knows about Jifty users
Jifty::Dispatcher
The Jifty Dispatcher
Jifty::Everything
Load all of the important Jifty modules at once.
Jifty::Handle
A database handle class for Jifty
Jifty::Handler
Methods related to the Mason handler
Jifty::I18N
Internationalization framework for Jifty
Jifty::JSON
Wrapper around JSON
Jifty::LetMe
A way to expose single-link URLs to your applications
Jifty::Logger
A master class for Jifty's logging framwork
Jifty::Mason::Halo
Jifty::Model::Metadata
Tracks Jifty-related metadata
Jifty::Model::Session
Jifty session tracking
Jifty::Record
Represents a Jifty object that lives in the database.
Jifty::Request
Canonical internal representation of an incoming Jifty request
Jifty::Request::Mapper
Maps response values into arbitrary query parameters
Jifty::Response
Canonical internal representation of the result of a Jifty::Action
Jifty::Result
Outcome of running a Jifty::Action
Jifty::RightsFrom
Jifty::Script::Action
Add an action class to your Jifty application
Jifty::Script::App
Create the skeleton of a Jifty application
Jifty::Script::FastCGI
A FastCGI server for your Jifty application
Jifty::Script::Help
Show help
Jifty::Script::Model
Add a model class to your Jifty application
Jifty::Script::Po
Extract translatable strings from your application
Jifty::Script::Schema
Create SQL to update or create your Jifty app's tables
Jifty::Script::Server
A standalone webserver for your Jifty application
Jifty::Server
Standalone web server for Jifty applications
Jifty::Test::WWW::Mechanize
Subclass of Test::WWW::Mechanize with extra Jifty features
Jifty::Upgrade
Jifty::Util
Things that don't fit anywhere else
Jifty::View::Mason::Handler
Handler for Mason requests inside of Jifty
Jifty::View::Static::Handler
head1 DESCRIPTION
Jifty::Web
Web framework for a Jifty application
Jifty::Web::Form::Clickable
Some item that can be clicked on -- either a button or a link.
Jifty::Web::Form::Element
Some item that can be rendered in a form
Jifty::Web::Form::Field
Web input of some sort
Jifty::Web::Form::Field::Text
Renders as a small text field
Jifty::Web::Form::Field::Upload
File upload field
Jifty::Web::Form::Link
Creates a state-preserving HTML link
Jifty::Web::PageRegion
Defines a page region
Jifty::Web::Session
A Jifty session handler
Jifty::YAML
Wrapper around YAML

Provides

Email::Send::Jifty::Test
in lib/Email/Send/Jifty/Test.pm
HTML::Mason::Request::Jifty
in lib/Jifty/View/Mason/Handler.pm
Jifty::Model::Metadata::Schema
in lib/Jifty/Model/Metadata.pm
Jifty::Model::Session::Schema
in lib/Jifty/Model/Session.pm
Jifty::Notification
in lib/Jifty/Notification.pm
Jifty::Object
in lib/Jifty/Object.pm
Jifty::Request::Action
in lib/Jifty/Request.pm
Jifty::Request::Fragment
in lib/Jifty/Request.pm
Jifty::Request::StateVariable
in lib/Jifty/Request.pm
Jifty::Script
in lib/Jifty/Script.pm
Jifty::Test
in lib/Jifty/Test.pm
Jifty::Upgrade::Internal
in lib/Jifty/Upgrade/Internal.pm
Jifty::Web::Form
in lib/Jifty/Web/Form.pm
Jifty::Web::Form::Field::Button
in lib/Jifty/Web/Form/Field/Button.pm
Jifty::Web::Form::Field::Checkbox
in lib/Jifty/Web/Form/Field/Checkbox.pm
Jifty::Web::Form::Field::Combobox
in lib/Jifty/Web/Form/Field/Combobox.pm
Jifty::Web::Form::Field::Date
in lib/Jifty/Web/Form/Field/Date.pm
Jifty::Web::Form::Field::Hidden
in lib/Jifty/Web/Form/Field/Hidden.pm
Jifty::Web::Form::Field::InlineButton
in lib/Jifty/Web/Form/Field/InlineButton.pm
Jifty::Web::Form::Field::Password
in lib/Jifty/Web/Form/Field/Password.pm
Jifty::Web::Form::Field::Radio
in lib/Jifty/Web/Form/Field/Radio.pm
Jifty::Web::Form::Field::ResetButton
in lib/Jifty/Web/Form/Field/ResetButton.pm
Jifty::Web::Form::Field::Select
in lib/Jifty/Web/Form/Field/Select.pm
Jifty::Web::Form::Field::Textarea
in lib/Jifty/Web/Form/Field/Textarea.pm
Jifty::Web::Form::Field::Unrendered
in lib/Jifty/Web/Form/Field/Unrendered.pm
Jifty::Web::Menu
in lib/Jifty/Web/Menu.pm

Other files