Resources    ----)    This Page

Please link to us if you found this Page useful

• Report Papers
• Research
• Publications
• Consulting
• Courses
• Resources
• Shop
• About
• Contact Us

Perl Snippets

Perl, the Practical Extraction and Report Language, is designed to make the easy jobs easy, without making the hard jobs impossible *. We give several snippets of Perl, whose use can either be problematic or reveals interesting featues of the scripting language.

Table of Contents Domain Gate-Keeper Use strict!

Amazon:

Domain Gate-Keeper

In order to prevent unauthorized use of cgi-bin perl scripts, a useful device is to restrict use to designated domain(s) by means of something like

$allowed_domains = 'domain1|domain2|domain3';
if($ENV{'HTTP_REFERER'} !~ /$allowed_domains/)
{
#########################################
## Insert here what happens to requests 
## from non-allowed domains. This often 
## a web page telling the visiter that 
## he is blocked - and why.
#########################################
}
#########################################
## Insert here what happens to requests 
## from allowed domains. This is usually 
## the rest of the program.
#########################################

The allowed domains, domain1, domain2, etc. are given in the $allowed_domains string, each domain name being separated by a pipe. Entry is normally blocked also from bookmarks and desktop short cuts.

For example, the script below (Gatekeeper01.pl) gives a welcoming web page to vistors from allowed domains, but tells others to keep out.

## ## Gatekeeper01.pl ## #!/bin/perl $allowed_domains = 'colin-baxter.com|localhost'; if($ENV{'HTTP_REFERER'} !~ /$allowed_domains/) { print "Content-Type: text/html\n\n"; print <<EOT; <HTML> <HEAD> <TITLE>Keep out</TITLE> </HEAD> <body> <H1>Keep out</H1> </body> </html> EOT exit; } print "Content-Type: text/html\n\n"; print <<EOT; <HTML> <HEAD> <TITLE>Welcome!!!</TITLE> </HEAD> <body> <H1>Welcome!!</H1> </body> </html> EOT exit;

Amazon:

Use strict!

A good habit to get into is always to use strict. For example, a gate-keeper script (Gatekeeper02.pl) in the form

## ## Gatekeeper02.pl ## #!/bin/perl -w no strict 'vars'; $No_Entry = 'print "Content-Type: text/html\n\n"; <HTML> <HEAD> <TITLE>Keep out</TITLE> </HEAD> <body> <H1>Keep out</H1> </body> </html>'; $Entry = 'print "Content-Type: text/html\n\n"; <HTML> <HEAD> <TITLE>Welcome!!!</TITLE> </HEAD> <body> <H1>Welcome!!</H1> </body> </html>'; $allowed_domains = 'colin-baxter.com|lot'; if($ENV{'HTTP_REFERER'} !~ /$allowed_domains/) { print "$No_Entry\n\n"; exit; } print "$Entry\n\n"; exit;

Amazon:

also works, providing there is a blank line between the variables $No_Entry, $Entry and the subsequent html statements. Of course, Gatekeeper02.pl ought not to work since the variables are badly declared. This becomes evident when use strict 'vars' is substituted for no strict 'vars'.

It is best to use strict with no import list to catch all possible errors: those generated by symbolic references ('refs'); those generated by the use of bareword identifiers that are not declared subroutines ('subs') and finally those generated when a variable is not fully declared ('vars').

Go to top of page

*     Programming Perl, Larry Wall, et al. Published by O'Reilly.

This Page was last updated May, 2010