Re^4: prevent perl script running from browser

Replies are listed 'Best First'.
Re^5: prevent perl script running from browser by afoken (Chancellor) on Oct 01, 2017 at 10:15 UTC
You alter/assign referrer, either in perl scripting or browser plugin. Yes, but that does not matter. The idea is that `$ENV{'HTTP_REFERER'}` is set to some nonsense only if running as CGI. Unfortunately, this is not entirely true. Clients can choose not to send a `Referer` header, so you might run a CGI with `$ENV{'HTTP_REFERER'}` not set. Using $ENV{'GATEWAY_INTERFACE'} should be reliable. It is set by the webserver, it is always set, and it is set to a constant value independent from the HTTP request. Alexander -- Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)	[reply] [d/l] [select]
Re^6: prevent perl script running from browser by marto (Cardinal) on Oct 01, 2017 at 10:39 UTC
All of this seems moot to me. I can't think of a scenario where having something only to be run locally is hosted in this way.	[reply]
Re^7: prevent perl script running from browser by snowchild (Novice) on Oct 01, 2017 at 15:17 UTC
How about this scenario. The script takes plain text from forms input as a parameter and encrypts it using GnuPg then emails the result to us. So yes it would be nice if it were not public accessible from a browser.	[reply]
Re^8: prevent perl script running from browser by afoken (Chancellor) on Oct 01, 2017 at 18:35 UTC
Re^8: prevent perl script running from browser by marto (Cardinal) on Oct 01, 2017 at 16:24 UTC