/ 
Mojolicious-3.21
⭐ Starred 2674
/ Mojolicious::Commands
Security Advisories (10)
CPANSA-Mojolicious-2022-03 (2022-12-10)

Mojo::DOM did not correctly parse <script> tags.

CPANSA-Mojolicious-2021-02 (2021-06-01)

Small sessions could be used as part of a brute-force attack to decode the session secret.

CVE-2021-47208 (2021-03-16)

A bug in format detection can potentially be exploited for a DoS attack.

CVE-2018-25100 (2018-02-13)

Mojo::UserAgent::CookieJar leaks old cookies because of the missing host_only flag on empty domain.

CPANSA-Mojolicious-2015-01 (2015-02-02)

Directory traversal on Windows

CPANSA-Mojolicious-2018-03 (2018-05-19)

Mojo::UserAgent was not checking peer SSL certificates by default.

CVE-2020-36829 (2020-11-10)

Mojo::Util secure_compare can leak the string length. By immediately returning when the two strings are not the same length, the function allows an attacker to guess the length of the secret string using timing attacks.

CPANSA-Mojolicious-2018-02 (2018-05-11)

GET requests with embedded backslashes can be used to access local files on Windows hosts

CPANSA-Mojolicious-2014-01 (2014-10-07)

Context sensitivity of method param could lead to parameter injection attacks.

CVE-2024-58134 (2025-05-03)

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default. These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user's session.

NAME

Mojolicious::Commands - Command line interface

SYNOPSIS

use Mojolicious::Commands;

my $commands = Mojolicious::Commands->new;
push @{$commands->namespaces}, 'MyApp::Command';

DESCRIPTION

Mojolicious::Commands is the interactive command line interface to the Mojolicious framework. It will automatically detect available commands in the Mojolicious::Command namespace.

COMMANDS

These commands are available by default.

help

$ mojo
$ mojo help
$ ./myapp.pl help

List available commands with short descriptions.

$ mojo help <command>
$ ./myapp.pl help <command>

List available options for the command with short descriptions.

cgi

$ ./myapp.pl cgi

Start application with CGI backend, usually auto detected.

cpanify

$ mojo cpanify -u sri -p secr3t Mojolicious-Plugin-Fun-0.1.tar.gz

Upload files to CPAN.

daemon

$ ./myapp.pl daemon

Start application with standalone HTTP server backend.

eval

$ ./myapp.pl eval 'say app->home'

Run code against application.

generate

$ mojo generate
$ mojo generate help
$ ./myapp.pl generate help

List available generator commands with short descriptions.

$ mojo generate help <generator>
$ ./myapp.pl generate help <generator>

List available options for generator command with short descriptions.

generate app

$ mojo generate app <AppName>

Generate application directory structure for a fully functional Mojolicious application.

generate lite_app

$ mojo generate lite_app

Generate a fully functional Mojolicious::Lite application.

generate makefile

$ mojo generate makefile
$ ./myapp.pl generate makefile

Generate Makefile.PL file for application.

generate plugin

$ mojo generate plugin <PluginName>

Generate directory structure for a fully functional Mojolicious plugin.

get

$ mojo get http://mojolicio.us
$ ./myapp.pl get /foo

Perform requests to remote host or local application.

inflate

$ ./myapp.pl inflate

Turn templates and static files embedded in the DATA sections of your application into real files.

psgi

$ ./myapp.pl psgi

Start application with PSGI backend, usually auto detected.

routes

$ ./myapp.pl routes

List application routes.

test

$ mojo test
$ ./myapp.pl test
$ ./myapp.pl test t/fun.t

Runs application tests from the t directory.

version

$ mojo version
$ ./myapp.pl version

Show version information for installed core and optional modules, very useful for debugging.

ATTRIBUTES

Mojolicious::Commands inherits all attributes from Mojolicious::Command and implements the following new ones.

hint

my $hint  = $commands->hint;
$commands = $commands->hint('Foo!');

Short hint shown after listing available commands.

message

my $message = $commands->message;
$commands   = $commands->message('Hello World!');

Short usage message shown before listing available commands.

namespaces

my $namespaces = $commands->namespaces;
$commands      = $commands->namespaces(['MyApp::Command']);

Namespaces to load commands from, defaults to Mojolicious::Command.

# Add another namespace to load commands from
push @{$commands->namespaces}, 'MyApp::Command';

METHODS

Mojolicious::Commands inherits all methods from Mojolicious::Command and implements the following new ones.

detect

my $env = $commands->detect;
my $env = $commands->detect($guess);

Try to detect environment.

run

$commands->run;
$commands->run(@ARGV);

Load and run commands. Automatic deployment environment detection can be disabled with the MOJO_NO_DETECT environment variable.

start

Mojolicious::Commands->start;
Mojolicious::Commands->start(@ARGV);

Start the command line interface for automatically detected application, usually the value of the MOJO_APP environment variable or Mojo::HelloWorld.

# Always start daemon and ignore @ARGV
Mojolicious::Commands->start('daemon', '-l', 'http://*:8080');

start_app

Mojolicious::Commands->start_app('MyApp');
Mojolicious::Commands->start_app(MyApp => @ARGV);

Load application and start the command line interface for it.

# Always start daemon for application and ignore @ARGV
Mojolicious::Commands->start_app('MyApp', 'daemon', '-l', 'http://*:8080');

SEE ALSO

Mojolicious, Mojolicious::Guides, http://mojolicio.us.