Difference between revisions of "Catalyst"
Line 97: | Line 97: | ||
(note the trailing slash) results in a default welcome screen. (If the result is a 500, something wasn't set up correctly.) | (note the trailing slash) results in a default welcome screen. (If the result is a 500, something wasn't set up correctly.) | ||
+ | |||
+ | ====Massive redirection prowess==== | ||
+ | |||
+ | For functional security, these features would be desirable: | ||
+ | |||
+ | * The Catalyst project exists ''outside'' the website directory, so the probability of files being exposed due to misconfiguration is reduced. | ||
+ | ** e.g. The website root is /home/someuser/sub.example.com but the project is /home/someuser/projects/Foo | ||
+ | * The dispatch script cannot be accessed directly from the browser. | ||
+ | ** e.g. http://sub.example.com/d/dispatch.fcgi/ is not equivalent to http://sub.example.com/ | ||
+ | ** e.g. http://sub.example.com/d/dispatch.fcgi/bar is not equivalent to http://sub.example.com/bar | ||
+ | * Rewrites exist so that the URL to the dispatch script or its directory is redirected into the dispatcher. | ||
+ | ** e.g. http://sub.example.com/d from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d internally. | ||
+ | ** e.g. http://sub.example.com/d/ from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/ internally. | ||
+ | ** e.g. http://sub.example.com/d/dispatch.fcgi from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi internally. | ||
+ | ** e.g. http://sub.example.com/d/dispatch.fcgi/ from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi/ internally. | ||
+ | ** e.g. http://sub.example.com/d/dispatch.fcgi/bar from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi/bar internally. |
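Review bot: The five rewrite examples at the end of the added list say the browser URL is "redirected ... internally", which can be read as an HTTP redirect; since the target is described as internal, "rewritten internally" would be unambiguous. The added section also lists the desired behaviours without the rewrite rules that produce them, so it should either include the rules or say that they are still to be written. The heading "Massive redirection prowess" does not say what the section covers; a heading that names the dispatcher rewrites would be easier to find.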
Revision as of 11:59, 15 January 2015
Notes on Catalyst, an MVC web framework for Perl.
Installation
Other people's instructions
On Dreamhost with perlbrew
Here, I am using perlbrew instead of the typical instructions, and hope to bypass the whole local::lib thing.
Presume that myperl is a perlbrew environment that's already been set up and that its executable is at
/home/someuser/perl5/perlbrew/perls/myperl/bin/perl
Install modules with cpanm:
perlbrew use myperl
cpanm Catalyst::Runtime Catalyst::Devel
Version check
Run the following, which always fails:
perl -M"Catalyst 999"
If the failure is about a version number, the install worked (and the error displays the version number). Otherwise, there was a problem.
Link catalyst.pl
Instructions and tutorials refer to the bootstrap script catalyst.pl. This is installed in the bin dir of the perlbrew environment:
/home/someuser/perl5/perlbrew/perls/myperl/bin/catalyst.pl
To make this less of a mouthful, make this accessible from your path. In this example, I'll qualify it with the name of the perlbrew env in case I want to set this up for multiple sites; anytime the doc says "catalyst.pl" I'll substitute "myperl-catalyst.pl".
ln -s /home/someuser/perl5/perlbrew/perls/myperl/bin/catalyst.pl ~/bin/myperl-catalyst.pl
Test on a site
Here, sub.example.com is a domain that has been set up with FastCGI enabled.
Save the following script, modify the variables SITENAME, CATALYST, PERLENV, and PARENT as necessary, and run. This script will:
- Go to the root specified by $PARENT
- Create a new, empty site named $SITENAME at $PARENT/$SITENAME
- Create and chmod $PARENT/$SITENAME/script/dispatch.fcgi to automatically run the generated FastCGI script
  - The reason for this naming is discussed in the Dreamhost wiki.
  - This part is skipped if catalyst.pl has not generated the expected *_fastcgi.pl file.
- Replace all instances of "/usr/bin/env perl" with the path of the specified perlbrew perl
- Run perl Makefile.PL, as suggested by catalyst.pl to "make sure your install is complete"
#!/bin/bash
# Load perlbrew env
source ~/perl5/perlbrew/etc/bashrc
SITENAME=Foo
CATALYST=catalyst.pl
PERLENV=myperl
PARENT=~/sub.example.com
# Absolute path of the perlbrew perl, used below to rewrite the shebangs
myperl="$(perlbrew use "$PERLENV" && which perl)"
perlbrew use "$PERLENV" &&
cd "$PARENT" &&
"$CATALYST" "$SITENAME" &&
cd "$SITENAME" &&
(
  cd script &&
  for fcs in *_fastcgi.pl; do
    # Skip when the glob matched nothing (no *_fastcgi.pl was generated)
    [ -e "$fcs" ] || continue
    cat > dispatch.fcgi <<EOF &&
#!/usr/bin/env perl
do '$fcs';
EOF
    chmod 755 dispatch.fcgi
  done
) &&
# This part corrects all the "/usr/bin/env perl" shebangs with the perlbrew perl
find . -type f -exec perl -p -i -e "s!/usr/bin/env perl!$myperl!g" {} \; &&
# "make sure your install is complete"
perl Makefile.PL
After this, visiting the page
http://sub.example.com/Foo/script/dispatch.fcgi/
(note the trailing slash) results in a default welcome screen. (If the result is a 500, something wasn't set up correctly.)
Massive redirection prowess
For functional security, these features would be desirable:
- The Catalyst project exists outside the website directory, so the probability of files being exposed due to misconfiguration is reduced.
  - e.g. The website root is /home/someuser/sub.example.com but the project is /home/someuser/projects/Foo
- The dispatch script cannot be accessed directly from the browser.
  - e.g. http://sub.example.com/d/dispatch.fcgi/ is not equivalent to http://sub.example.com/
  - e.g. http://sub.example.com/d/dispatch.fcgi/bar is not equivalent to http://sub.example.com/bar
- Rewrites exist so that the URL to the dispatch script or its directory is redirected into the dispatcher.
  - e.g. http://sub.example.com/d from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d internally.
  - e.g. http://sub.example.com/d/ from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/ internally.
  - e.g. http://sub.example.com/d/dispatch.fcgi from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi internally.
  - e.g. http://sub.example.com/d/dispatch.fcgi/ from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi/ internally.
  - e.g. http://sub.example.com/d/dispatch.fcgi/bar from the browser is redirected to http://sub.example.com/d/dispatch.fcgi/d/dispatch.fcgi/bar internally.
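The last two requirements interact: the rewrite must not loop, yet a request that already names the dispatcher must not be passed through untouched. The following is an added example, not code from the original page; the function names and the two plain paths in the sample are assumptions. It models both rules in Python and reports which browser paths each rule makes indistinguishable to the application.

```python
DISPATCH = "/d/dispatch.fcgi"  # dispatcher location used in the page's examples

# Browser path -> internal path, copied from the five rewrite examples above.
PAGE_EXAMPLES = {
    "/d": "/d/dispatch.fcgi/d",
    "/d/": "/d/dispatch.fcgi/d/",
    "/d/dispatch.fcgi": "/d/dispatch.fcgi/d/dispatch.fcgi",
    "/d/dispatch.fcgi/": "/d/dispatch.fcgi/d/dispatch.fcgi/",
    "/d/dispatch.fcgi/bar": "/d/dispatch.fcgi/d/dispatch.fcgi/bar",
}

def rewrite_once(path):
    """Desired behaviour: prefix every browser path exactly once."""
    return DISPATCH + path

def rewrite_prefix_guard(path):
    """Tempting loop guard: skip paths that already name the dispatcher."""
    if path == DISPATCH or path.startswith(DISPATCH + "/"):
        return path
    return DISPATCH + path

def app_path(internal):
    """Path the application routes on: whatever follows the script name."""
    if not internal.startswith(DISPATCH):
        raise ValueError("request did not reach the dispatcher: " + internal)
    return internal[len(DISPATCH):]

def matches_page(rewrite):
    """True if the rule reproduces every browser -> internal pair on the page."""
    return all(rewrite(src) == dst for src, dst in PAGE_EXAMPLES.items())

def aliases(rewrite, browser_paths):
    """Groups of distinct browser paths the application cannot tell apart."""
    groups = {}
    for path in browser_paths:
        groups.setdefault(app_path(rewrite(path)), []).append(path)
    return sorted(g for g in groups.values() if len(g) > 1)

# Constructed sample: the page's URLs plus the two plain paths they must not equal.
SAMPLE = ["/", "/bar"] + list(PAGE_EXAMPLES)

if __name__ == "__main__":
    for rule in (rewrite_once, rewrite_prefix_guard):
        print(rule.__name__, matches_page(rule), aliases(rule, SAMPLE))
```

The prefix guard fails exactly the "is not equivalent to" cases listed above, so on a real server the loop protection has to key on whether the request has already been rewritten rather than on what the URL starts with.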