omniti-labs / mungo Goto Github PK

Setting status code is icky and undocumented. Mungo::Response seems to overwrite the value several times. Clarify and make better.

  $Response->status(404);

While HTTP_X_FORWARDED_FOR and REMOTE_ADDR probably have the best chance of capturing a client's IP, there are some other's that could be checked as well with lesser precedence, depending on how robust you want it to be. HTTP_VIA, HTTP_CLIENT_IP, etc

Per trac3, errors at runtime or compile time within a module should dump the module source code to the browser. Instead, we only see the error message.

Specimen tests, from 13-errors.t series:

Runtime die within a custom loaded module

Attempt to use module that won't compile

Reported by jesus on 1 Jan 1970 00:19 UTC
Query String params aren't decoded in mod_perl 2.

When only private IP's are available, REMOTE_IP returns undef because private IP's are being filtered away.

Solution in this case would be to return the first defined IP address in the list when only private IP's exist.

Reported by lfayer on 1 Jan 1970 00:20 UTC
Add referrer option to $Request->ServerVariables

Reported by jesus on 1 Jan 1970 00:19 UTC
When there is a template compile error, a code sample is shown identifying the location of the problem. The same thing should be done for run-time errors.

Cookie handling docs are poor. Some mention in Mungo::Response, but none in Mungo::Request, and only a stub

in Mungo::Cookie.

Any exception thrown using Carp::croak() will cause the source code of the Carp module itself to be printed to the browser.

Reported by jesus on 1 Jan 1970 00:19 UTC

sub URLDecode {
  my $self = shift;
  my $s = shift;
  $s =~ s/%([a-fA-F0-9]{2})/chr(hex($1))/eg;
  return $s;
}

Reported by jesus on 1 Jan 1970 00:20 UTC
And upload interrupted produces an error message. Next load of the Apache child produces as segfault.

Reported by jesus on 1 Jan 1970 00:19 UTC
AUTOLOADs are making misspelled functions return undef.

Remove that old debugging.

Reported by brian on 1 Jan 1970 00:19 UTC

These functions don't exist yet.

Reported by jesus on 1 Jan 1970 00:20 UTC
POSTing data via XMLHTTPRequest is failing to produce data in $Request->Params() and $Request->Form();

Reported by jesus on 1 Jan 1970 00:20 UTC
The Mungo::Response is a tied hash and there is a lot of lookups of keys within the module itself $self->{key}. This causes large overhead and the ugly peeking into the tied internals should be done for performance reasons within the module proper.

Reported by jesus on 1 Jan 1970 00:19 UTC
Large file uploads result in zero bytes available on the file handle.

Reported by jesus on 1 Jan 1970 00:19 UTC
Error reporting should show compile and runtime errors the same and it should display the contents of perl modules if they are the culprit (not just ASP pages).

POD is more up to date, but Labs site may have some more content.

Consider something like pod2trac and generate docs straight off the POD.

Reported by jesus on 1 Jan 1970 00:19 UTC
If we die, Mungo::Response formats us an error (optionally with a stack trace and code highlighting). This is great for debugging, but in production apps we want to pretty print "something else."

Allow us to replace the way errors are rendered.

Reported by jschulz on 1 Jan 1970 00:19 UTC
Mungo currently defaults to serving all files as text/html. It should try to use any existing Apache (mod_mime) settings before finally falling back to text/html.

'''To reproduce''', add the following to httpd.conf

<Files ~ (\.(asp|css|js|html|xml))>    
   SetHandler  perl-script
   PerlSetVar StatINC 1
   PerlHandler Mungo
</Files>

Now, all files with those extensions will be served as text/html, even JavaScript and CSS.
If a doctype of:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
                                "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

is added, the page will "break" because the CSS and JavaScript will not be recognized as the appropriate type of file.

The page will lack any CSS styling and any JavaScript will not function.

'''Remedy:'''
You can add the following to httpd.conf

<Files ~ (\.(css))> 
   PerlSetVar MungoContentType 'text/css'
</Files>

<Files ~ (\.(js))> 
   PerlSetVar MungoContentType 'text/javascript'
</Files>

<Files ~ (\.(xml))> 
   PerlSetVar MungoContentType 'text/xml'
</Files>

but Mungo should respect (or at least try to obtain) those types already set in conf/mime.types.

If reading from conf/mime.types is too difficult/expensive, a single place (mungo.mime ?) to record all those associations would be appreciated.

Add a property to Response, PreferredLanguage?.

When calling the i18nHandler, if PreferredLanguage? is set, send it as the second arg. If not set, parse the Accept-Language header and sent its values as an array ref.

No tests cover Mungo::Quiet. Especially need tests to check the Apache error log (Apache::Test provides facilities for this).

Reported by jesus on 1 Jan 1970 00:19 UTC
Mungo is only Apache1/mod_perl1 accessible now. Fix this.

Reported by jesus on 1 Jan 1970 00:19 UTC
open in 5.8 works better than IO::Scalar. Use that.

This will cause an error: <%

my $embedded = '<%= "some text" %>'; # mis-parse on this line

%>

Mungo does not check to see if a start tag is quoted.

Workaround currently include slash-escaping or breaking the string into pieces.

Test 07-include/include-string currently uses the workaround (rev61) Test 04-parser/quoted-start-tag-bug17 currently demonstrates the problem (rev61)