rastoboy has asked for the wisdom of the Perl Monks concerning the following question:

I'm needing to access XML api's via URL for multiple different systems. So for example with cpanel: 

http://<example.com>:2807/xml-api/setupreseller?user=bob&makeowner=1

[download]

But somehow, this just seems wrong wrong wrong: 

my $url = "http://$domain:2087/xml-api/$class?user=$user&$function=1";

[download]

Is there a good tool to use where I could just make a hash and send it to it or something elegant like that?

Replies are listed 'Best First'.
Re: Clean way to build URI's?
by ikegami (Patriarch) on Feb 02, 2010 at 17:28 UTC

    If the source of $domain is trusted, interpolation is fine because the domain can't contain any character that need escaping. That's not the case for $class, $user and $function. If they're untrusted or if they can contain most of anything other than letters and digits, they need to be escaped.

    Here's a solution using URI. 

    use URI qw( );

my $url = URI->new("http://$domain:2087");
$url->path_segments('xml-api', $class);
$url->query_form( user => $user, $function => 1 );

print "$url\n";

    [download]

    Or if you don't trust $domain, 

    use URI qw( );

my $url = URI->new('', 'http');
$url->host("$domain:2087");
$url->path_segments('xml-api', $class);
$url->query_form( user => $user, $function => 1 );

print "$url\n";

    [download]
[reply]
[d/l]
[select]
      Thanks to you all! I'll have a play with CGI::Enurl and URI both.

      I had checked our URI, but it didn't look like what I needed--but I see now I was mistaken :-)
      Thanks again!

[reply]
Re: Clean way to build URI's?
by Jenda (Abbot) on Feb 02, 2010 at 15:34 UTC 
    use CGI::Enurl qw(enurl);
my $url = "http://$domain:2087/xml-api/$class?" 
 . enurl({ user => $user, $function => 1});

    [download]

    If you need to you can encode even the $class but I would assume that one is safe. See CGI::Enurl.

    Jenda
    Enoch was right!
    Enjoy the last years of Rome.

[reply]
[d/l]
Re: Clean way to build URI's?
by BrowserUk (Patriarch) on Feb 02, 2010 at 11:31 UTC
    But somehow, this just seems wrong wrong wrong:

    Why?

[reply]
      Because it doesn't URL-encode characters in the interpolated strings, so the outcome is not guaranteed to be a syntactically valid URI.

      Maybe the URI module would be more appropriate?

      Perl 6 - links to (nearly) everything that is Perl 6.
[reply]

        I was asking why the OP thought so. Now we'll never know for sure.

        BTW:URL encoding is easily applied after the interpolation.

[reply]
      It's just my intuition, to be candid. Some part of my mind just screams "unclean!" :-)
[reply]

        That's kinda what I thought. Thanks for being candid.

        So long as you url-encode your bits before (not after as I accidentally typed above), you interpolate them, pretty much all the complex OO buys you is overhead, because that's pretty much all it is doing under the covers.

        Of course, it may, (probably will be), the case that you can live with the overhead, and even that you like the interface, in which case use the module. But know why you're doing so. What it buys you. And what it doesn't.

        Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
        "Science is about questioning the status quo. Questioning authority".
        In the absence of evidence, opinion is indistinguishable from prejudice.
[reply]

Back to Seekers of Perl Wisdom