Recently I wanted to change the LOGIN method from GET to POST so that the login credntials are hidden. I'm using Apache::AuthCookie (2.39) and Apache::AuthCookieDBI (1.19) for authentication.
Unfortunately, this produced the undesired and unexpected result of a Perl syntax failure in AuthCookie.pm. Here's the top part of the file:
It's on that last line that the error (Undefined subroutine &Apache::AuthCookie::escape_uri called at /usr/lib/perl5/site_perl/5.8.0/Apache/AuthCookie.pm line 55) is popping up (because I've tried using a POST method), but I don't understand how Perl could think that escape_uri might be a local routine when it's declared above as coming from Apache::Util. Can someone explain that to me?package Apache::AuthCookie; use strict; use Carp; use mod_perl qw(1.07 StackedHandlers MethodHandlers Authen Authz); use Apache qw(unescape_url_info); # XXX New use Apache::Const qw(:common M_GET FORBIDDEN REDIRECT); use Apache::AuthCookie::Util; use Apache::Util qw(escape_uri); use vars qw($VERSION); # $Id: AuthCookie.pm,v 2.39 2002/09/25 16:44:31 mschout Exp $ $VERSION = '3.04'; sub recognize_user ($$) { my ($self, $r) = @_; my $debug = $r->dir_config("AuthCookieDebug") || 0; my ($auth_type, $auth_name) = ($r->auth_type, $r->auth_name); return unless $auth_type && $auth_name; return unless $r->header_in('Cookie'); my ($cookie) = $r->header_in('Cookie') =~ /${auth_type}_${auth_name}=([^;]+)/; $r->log_error( "cookie ${auth_type}_${auth_name} is $cookie") if $debug >= 2; return unless $cookie; my ($user,@args) = $auth_type->authen_ses_key($r, $cookie); if ($user and scalar @args == 0) { $r->log_error("user is $user") if $debug >= 2; $r->user($user); } elsif (scalar @args > 0 and $auth_type->can('custom_errors')) { return $auth_type->custom_errors($r, $user, @args); } return OK; } # convert current request to GET sub _convert_to_get { my ($self, $r, $args) = @_; return unless $r->method eq 'POST'; my $debug = $r->dir_config("AuthCookieDebug") || 0; $r->log_error("Converting POST -> GET") if $debug >= 2; my @pairs =(); while (my ($name, $value) = each %$args) { # we dont want to copy login data, only extra data next if $name eq 'destination' or $name =~ /^credential_\d+$/; $value = '' unless defined $value; push @pairs, escape_uri($name) . '=' . escape_uri($value);
I've also asked about the error on #apache and been roundly ignored -- that's OK, IRC (freenode.net, in this case) can be a hit-or-miss proposition anyway.
Update: Thanks to jeffa and others for good suggestions .. once I put Apache::Util in front of the escape_uri call I got a different error from another part of the code, which a little hacking has not solved. So for now I'll abandon the plan to use POST instead of GET.
In reply to Wondering why Perl thinks escape_uri is undefined by talexb
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |