in reply to Re: Using Regexp Patterns as Variables
in thread Using Regexp Patterns as Variables

This worked, kyle:

my $out = '/s/Products/$1';
$ENV{REQUEST_URI} =~ s/$in/eval qq{"$out"}/ie;

I fully understand the security implications of doing this. But, as I mentioned, the people creating these rules also have full access to the machine running the site. That is to say, it's a trusted source.

Thanks for your help!

Replies are listed 'Best First'.
Re^3: Using Regexp Patterns as Variables
by kyle (Abbot) on Mar 18, 2009 at 17:08 UTC

    What ikegami points out is also important to recognize. Anyone who can access the site can feed in a URL with anything in it. As such, they may be able to choose a value for $1 with Dire Consequences.

    For example, $1 = q{";system('shutdown -h now');"}

      Ok, I see what you are saying. But would that really execute?

      For example:

      #!/usr/bin/perl
      use strict;
      use warnings;

      $ENV{REQUEST_URI} = "/Products/bt-;system('ls -l');.aspx";
      my $in  = '/Products/bt-(.*?).aspx';
      my $out = '/s/Products/$1';
      $ENV{REQUEST_URI} =~ s#$in#eval qq{"$out"}#ie;
      print "$ENV{REQUEST_URI}\n";
      Prints out this:
      /Products/bt-;system('ls -l');.aspx
      But the eval isn't actually executing that command. Or did I not do this test correctly?

        The test I had in mind was what you have but with:

        $ENV{REQUEST_URI} = q{/Products/bt-";system('ls -l');".aspx};

        I tried that too, and it also doesn't do anything. That's because all eval sees is ""/s/Products/$1"". The variable gets interpolated, but it doesn't execute the result. Given that, maybe there really isn't anything the user can do.
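
The point settled above, whether a visitor's URL can inject code through $1 when the replacement is eval qq{"$out"}, as an added Perl example that is not part of the thread or of anyone's posted code. It keeps the thread's rule values for $in and $out (with the dot in .aspx escaped), but the hostile request URI, the three helper subroutines and the $main::injected flag are constructed for illustration; the flag stands in for the system() call kyle describes, so that running the script shows whether URL text was executed without spawning anything. The second variant is deliberately written the unsafe way, pasting the captured text into the string before it is eval'd, to show the one change that turns the thread's construct into a real injection.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example (not code from the thread). Three ways of expanding a
# rewrite target like '/s/Products/$1' against a URL the visitor controls,
# to show where string eval is injectable and where it is not.

# Constructed hostile request URI: the capture group will receive text
# that is valid Perl. $main::injected stands in for the system() call a
# real attacker would put here; if it changes, URL text was executed.
our $injected = 0;
my $uri = q{/Products/bt-".($main::injected++).".aspx};

# Rule data, assumed to come from the trusted administrators (same
# values as in the thread, with the dot escaped).
my $in  = qr{/Products/bt-(.*?)\.aspx}i;
my $out = '/s/Products/$1';

# 1. The thread's construct. The text handed to eval is always the
#    literal  "/s/Products/$1"  (built from the trusted $out); $1 is then
#    interpolated as a value at run time and never re-parsed, so the
#    visitor's text cannot become code.
sub rewrite_eval_interpolate {
    my ($url) = @_;
    (my $copy = $url) =~ s/$in/eval qq{"$out"}/e;
    return $copy;
}

# 2. UNSAFE variant for contrast: the captured text is pasted into the
#    template before the eval, so the visitor's bytes ARE Perl source.
sub rewrite_eval_paste {
    my ($url) = @_;
    (my $copy = $url) =~ s/$in/
        my $cap = $1;                          # visitor-controlled text
        (my $tmpl = $out) =~ s{\$1}{$cap}g;    # splice it into the code text
        eval qq{"$tmpl"};                      # now that text is executed
    /e;
    return $copy;
}

# 3. No string eval at all: treat $out as data and expand $1..$9 from
#    the capture list ourselves. Nothing from the URL is ever parsed.
sub rewrite_no_eval {
    my ($url) = @_;
    (my $copy = $url) =~ s/$in/
        my @cap = ($1, $2, $3, $4, $5, $6, $7, $8, $9);
        (my $t = $out) =~ s{\$([1-9])}{ defined $cap[$1 - 1] ? $cap[$1 - 1] : '' }ge;
        $t;
    /e;
    return $copy;
}

print "1 interpolate : ", rewrite_eval_interpolate($uri), "\n";
print "   URL text executed? ", ($injected ? "yes" : "no"), "\n";
print "2 paste       : ", rewrite_eval_paste($uri), "\n";
print "   URL text executed? ", ($injected ? "yes" : "no"), "\n";
print "3 no eval     : ", rewrite_no_eval($uri), "\n";
```

Run as a script. In the first and third variants the captured text appears verbatim in the rewritten URL and the flag stays at its initial value, because eval only ever sees the trusted template and $1 is substituted as data; in the second variant the captured expression is evaluated and the flag changes. The third variant is the one to prefer when the rule authors need nothing more than $N placeholders, since it removes the string eval (and with it the need to trust $out) entirely.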