The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
Shadowd-Connector-2.0.0
River stage zero No dependents
++
/ Shadowd::Connector::Mojolicious

NAME

Shadowd::Connector::Mojolicious - Shadow Daemon Mojolicious Connector

VERSION

Version 2.0.0

SYNOPSIS

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.

Shadowd::Connector::Mojolicious is the Shadow Daemon connector for Perl Mojolicious applications. To use this module you have to create a hook that is executed on every request and pass the Mojolicious controller object to the constructor.

Mojolicious

    use Shadowd::Connector::Mojolicious;
    
    sub startup {
      my $app = shift;
    
      $app->hook(before_dispatch => sub {
        my $self = shift;
        return Shadowd::Connector::Mojolicious->new($self)->start();
      });

      # ...
    }

Mojolicious::Lite

    use Shadowd::Connector::Mojolicious;
    
    under sub {
      my $self = shift;
      return Shadowd::Connector::Mojolicious->new($self)->start();
    };

METHODS

new($query)

This method is a simple constructor for an object oriented interface. It requires a Mojolicious controller object as parameter.

get_client_ip()

This method returns the IP address of the client with the help of the controller. If Mojolicious is configured correctly this is the correct IP address even if a reverse proxy is used.

get_caller()

This method returns the caller with the help of the controller. Since everything is routed through a front controller the selected route is the caller.

get_resource()

This method returns the request resource.

gather_input()

This method gathers the user input with the help of the controller.

defuse_input($threats)

This method defuses dangerous input with the help of the controller.

gather_hashes()

This module does not support the integrity check, because everything is routed through one file.

error()

This method renders an error message with the help of the controller.

AUTHOR

Hendrik Buchwald, <hb@zecure.org>

BUGS

Please report any bugs or feature requests to bug-shadowd-connector@rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Shadowd-Connector. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

It is also possible to report bugs via Github at https://github.com/zecure/shadowd_perl/issues.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Shadowd::Connector

You can also look for information at:

LICENSE AND COPYRIGHT

Shadow Daemon -- Web Application Firewall

Copyright (C) 2014-2016 Hendrik Buchwald <hb@zecure.org>

This file is part of Shadow Daemon. Shadow Daemon is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.