NAME
Apache::OneTimeURL - One-time use URLs for sensitive data
SYNOPSIS
PerlModule Apache::OneTimeURL
<Location /secret>
PerlHandle Apache:OneTimeURL
SetHandler perl-script
PerlSetVar OneTimeDb /opt/secret/access.db
PerlSetVar OneTimeDoc /opt/secret/realfile.html
PerlSetVar OneTimeEmail intruder@simon-cozens.org
</Location>
authorize.pl:
#!/usr/bin/perl
use Apache::OneTimeURL;
my $comments = join " ", @ARGV;
my $db = "/opt/secret/access.db";
print "http://www.my.server.int/secret/",
Apache::OneTimeURL->authorize($db, $comments),
"\n";
Now:
% authorize.pl Given to Simon C on IRC
http://www.my.server.int/secret/2c61de78edd612cf79c0d73a3c7c94fb
This URL will only be viewable once, and will then return an error. For the first five times that the URL is accessed in error, a mail will be sent to the email address given in the config. The number of times can be configured with the OneTimeMailCount
variable; if you don't want any mail, set this to minus one.
DESCRIPTION
The synopsis pretty much wraps it up. I'm paranoid about giving out certain information, and although I can't really control what people do with the HTML when they download it, I can damned well ensure that URLs in mail I send don't end up on the web and being a liability. Hence the desire for a URL that's only valid once. You may have your own interesting uses for such a set-up.
I've hopefully designed the module so that if there's some aspect of its behaviour you don't like, you can switch to the "method handler" style (ie. PerlHandler Apache::OneTime::URL->handler
and subclass to override the bits you're unhappy about. This may be easier than convincing me to make changes to the module.
THANKS
Peter Sergeant offered several useful ideas which contributed to the 1.1 and 1.2. releases of this module.
REPOSITORY
https://github.com/neilb/Apache-OneTimeURL
AUTHOR
Simon Cozens, simon@kasei.com
COPYRIGHT AND LICENSE
Copyright 2003 Simon Cozens.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.