all your uri are belong to us
play

All Your URI are Belong to Us Geoffrey Young - PowerPoint PPT Presentation

Nov 08, 2022 •245 likes •529 views

All Your URI are Belong to Us Geoffrey Young geoff@modperlcookbook.org 1 http://www.modperlcookbook.org/~geoff/ Apache Request Cycle Client Request Logging URI-based Init Content URI Translation Fixups File-Based Init Resource Control

  1. All Your URI are Belong to Us Geoffrey Young geoff@modperlcookbook.org 1 http://www.modperlcookbook.org/~geoff/

  2. Apache Request Cycle Client Request Logging URI-based Init Content URI Translation Fixups File-Based Init Resource Control Mime Setting 2 http://www.modperlcookbook.org/~geoff/

  3. Apache Request Cycle Client Request Client Request URI-based Init URI-based Init URI Translation 3 http://www.modperlcookbook.org/~geoff/

  4. URI Translation • Apache needs to map the URI to a physical file on disk • Default is to prepend DocumentRoot to the URI DocumentRoot /usr/local/apache/htdocs 4 http://www.modperlcookbook.org/~geoff/

  5. URI Translation • Directives like Alias override the default DocumentRoot /usr/local/apache/htdocs Alias /manual/ /usr/local/apache/manual/ <Directory /usr/local/apache/manual> ... </Directory> • Some URIs have no associated file, but Apache tries anyway <Location server-status> ... </Location> 5 http://www.modperlcookbook.org/~geoff/

  6. PerlTransHandler Client Request Client Request URI-based Init URI-based Init PerlTransHandler 6 http://www.modperlcookbook.org/~geoff/

  7. PerlTransHandler • Useful for overriding the Apache default • Allows you to be extremely devious • There are a few pitfalls of which to be aware 7 http://www.modperlcookbook.org/~geoff/

  8. Simple PerlTransHandler • Be rid of those silly favicon.ico requests that end up 404 • Translate the incoming URI to a common place if it matches favicon.ico 8 http://www.modperlcookbook.org/~geoff/

  9. package Cookbook::Favicon; use Apache::Constants qw(DECLINED); use strict; sub handler { my $r = shift; $r->uri("/images/favicon.ico") if $r->uri =~ m!/favicon\.ico$!; return DECLINED; } 1; 9 http://www.modperlcookbook.org/~geoff/

  10. Client Request GET /foo/bar/baz/biff/favicon.ico HTTP/1.1 Host: www.example.com 10 http://www.modperlcookbook.org/~geoff/

  11. Client Request Client Request URI-based Init URI-based Init PerlTransHandler URI: /foo/bar/baz/biff/favicon.ico 11 http://www.modperlcookbook.org/~geoff/

  12. Client Request Client Request URI-based Init URI-based Init PerlTransHandler core translation FILE: /usr/local/apache/htdocs/images/favicon.ico 12 http://www.modperlcookbook.org/~geoff/

  13. Setup • add Favicon.pm to @INC ServerRoot /lib/perl/Cookbook/Favicon.pm • add to httpd.conf PerlModule Cookbook::Favicon PerlTransHandler Cookbook::Favicon • that's it! 13 http://www.modperlcookbook.org/~geoff/

  14. Winner Takes All • The first URI translation handler to return OK ends the phase –mod_perl or otherwise • Perl handlers usually return DECLINED –lets Apache's core translation engine do the filesystem mapping • Return OK only when you map the file to disk yourself 14 http://www.modperlcookbook.org/~geoff/

  15. Why Not Use mod_rewrite? • our Cookbook::Favicon is pretty much the same as RewriteRule /favicon.ico$ /images/favicon.ico • We did it in Perl • With Perl comes great power 15 http://www.modperlcookbook.org/~geoff/

  16. URI-based Sessions • A simple cookie-less session scheme stores the session in the URI • Storage can occur in the PATH_INFO http://manual/index.html/a92c5e • Or at the start of the URI http://a92c5e/manual/index.html • The second form has some distinct advantages 16 http://www.modperlcookbook.org/~geoff/

  17. package Cookbook::URISessionManager; use Apache::Constants qw(DECLINED OK); use Apache::URI; sub get_session { my $r = shift; my $uri = $r->parsed_uri; # Separate the MD5 session from the real path. my ($session, $path) = $uri->path =~ m!^/([a-fA-F0-9]{32})(/.*)!; return DECLINED unless $session; # Now, put the session in a note... $r->notes(SESSION => $session); # ... and set the URI to the proper path. $r->uri($path); return DECLINED; } 1; 17 http://www.modperlcookbook.org/~geoff/

  18. Advantages • Session parsing is done up front –everyone else gets the session from notes my $session = $r->notes('SESSION'); –even C handlers! –true even if you use PATH_INFO • Browsers take care of adding the session to relative links for you 18 http://www.modperlcookbook.org/~geoff/

  19. Disadvantages • The main problem with URI-based sessions is "session leakage" • Session data will show up in Referer logs whenever someone clicks offsite • A simple PerlTransHandler takes care of that 19 http://www.modperlcookbook.org/~geoff/

  20. package Cookbook::URISessionManager; sub get_session { ... } sub clean_uri { my $r = shift; my ($uri) = $r->uri =~ m!.*(http://.*)!; $r->send_http_header('text/html'); print<<EOF; <html> <head> <meta http-equiv="refresh" content="0;URL=$uri"> </head> <body> you should be going <a href="$uri">here</a> soon </body> </html> EOF return OK; } 1; 20 http://www.modperlcookbook.org/~geoff/

  21. httpd.conf PerlModule Cookbook::URISessionManager PerlTransHandler Cookbook::URISessionManager::get_session <Location /goodbye> SetHandler perl-script PerlHandler Cookbook::URISessionManager::clean_uri </Location> 21 http://www.modperlcookbook.org/~geoff/

  22. Mischievous Behavior • Simple URI re-mapping is only the beginning • Apache has this neat, built-in functionality called proxying –provided you have mod_proxy installed • With mod_perl and mod_proxy you can proxy just about anything... 22 http://www.modperlcookbook.org/~geoff/

  23. Advanced PerlTransHandler • Create a proxy that uses our local Apache documentation instead of ASF servers • Intercept proxy requests and silently replace calls to http://httpd.apache.org/docs with /usr/local/apache/htdocs/manual 23 http://www.modperlcookbook.org/~geoff/

  24. Client Setup 24 http://www.modperlcookbook.org/~geoff/

  25. Server Setup • Add this to httpd.conf PerlModule My::ManualProxy PerlTransHandler My::ManualProxy 25 http://www.modperlcookbook.org/~geoff/

  26. package My::ManualProxy; use Apache::Constants qw(OK DECLINED); use strict; sub handler { my $r = shift; return DECLINED unless $r->proxyreq; my (undef, $file) = $r->uri =~ m!^http://(www|httpd).apache.org/(.*)!; if ($file =~ m!^docs/!) { $file =~ s!^docs/!manual/!; $file = join "/", ($r->document_root, $file); if (-f $file) { $r->filename($file); # use local disk return OK; } } return DECLINED; } 1; 26 http://www.modperlcookbook.org/~geoff/

  27. Apache Request Cycle Client Request Logging URI-based Init Content URI Translation Fixups File-Based Init Resource Control Mime Setting 27 http://www.modperlcookbook.org/~geoff/

Recommend

Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong

Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong

Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong to the polygon Approach use a (horizontal) scan line that traverses the polygon intensify the pixels along the spans (the segments of

895 views • 50 slides
Three peaks, but which 2) Measure FT-IR &gt; peaks belong to which molecule? Crosspeaks between

Three peaks, but which 2) Measure FT-IR &gt; peaks belong to which molecule? Crosspeaks between

2D IR EXAMPLE COMPARISON WITH FT-IR 1) Take a mixture 1 IR mode + 2 IR modes of two compounds Three peaks, but which 2) Measure FT-IR &gt; peaks belong to which molecule? Crosspeaks between vibrations mean they belong 3) Measure 2D

179 views • 7 slides
Be.Belong.Give. Parish Town Halls October 9, 2016 Theme Be. Be whoever you are and whatever

Be.Belong.Give. Parish Town Halls October 9, 2016 Theme Be. Be whoever you are and whatever

St. Marks Episcopal Church Capitol Hill 2017 Canvass: Be.Belong.Give. Parish Town Halls October 9, 2016 Theme Be. Be whoever you are and whatever you believe. Belong. Joi us. We aet lookig to chage ou, 2017

532 views • 17 slides
BELONG A family support programme promoting a sense of belonging for black &amp; minority ethnic

BELONG A family support programme promoting a sense of belonging for black &amp; minority ethnic

BELONG A family support programme promoting a sense of belonging for black &amp; minority ethnic children through: Cultural Confidence &amp; Competence Anti-Bullying &amp; Anti-Racial Bullying Education BELONG Beginnings

301 views • 18 slides
All Your Rule Base Are Belong to Me Jewel H. Ward

All Your Rule Base Are Belong to Me Jewel H. Ward

All Your Rule Base Are Belong to Me Jewel H. Ward Doctoral Student, UNC-CH SILS &amp; DICE iRODS User Mee,ng February 17-18, 2011

406 views • 15 slides
All Your IFCException Are Belong To Us C t lin Hri cu (joint work with Michael Greenberg,

All Your IFCException Are Belong To Us C t lin Hri cu (joint work with Michael Greenberg,

All Your IFCException Are Belong To Us C t lin Hri cu (joint work with Michael Greenberg, Ben Karel, Benjamin Pierce, Greg Morrisett, and more) 2012-11-05 -- WG 2.8 meeting in Annapolis Information Flow Control [Fenton, 1974] Static

326 views • 18 slides
Why Are We Here? Access/ metro and backbone networks may belong to different carriers or

Why Are We Here? Access/ metro and backbone networks may belong to different carriers or

GIBSON: Global IP-Based Service-Oriented Network Ping Pan, Tom Nolle August 2006, IMS Workshop Why Are We Here? Access/ metro and backbone networks may belong to different carriers or business entities: Different technologies among

439 views • 12 slides
Diversity and National Identity Sampoorna Biswas What does it mean to belong to your

Diversity and National Identity Sampoorna Biswas What does it mean to belong to your

Diversity and National Identity Sampoorna Biswas What does it mean to belong to your country? (And important to Pakistan too) Grown Born up/lived According to Google Autocomplete Culturally/ linguistically from here 29

519 views • 27 slides
A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years The Indiana Masonic Home was established to care for widows and orphaned children of Masons in 1915. Through the years, the community grew and demand

402 views • 25 slides
1 Wendell Crenshaw Technologies presents 1 2 Tumbleweed 2 All Your Baseband Are Belong To

1 Wendell Crenshaw Technologies presents 1 2 Tumbleweed 2 All Your Baseband Are Belong To

1 Wendell Crenshaw Technologies presents 1 2 Tumbleweed 2 All Your Baseband Are Belong To Us over-the-air exploitation of memory corruptions in GSM software stacks Ralf-Philipp Weinmann Laboratory for Algorithmics, Cryptology &amp;

737 views • 45 slides
Chapter 3 Business Organizations Economics and You Do you work at a business? Belong to a

Chapter 3 Business Organizations Economics and You Do you work at a business? Belong to a

Chapter 3 Business Organizations Economics and You Do you work at a business? Belong to a church? Participate in a club? Chances are these institutions play a significant role in your life. Click the Speaker button to listen to Economics

532 views • 30 slides
All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring Systems Andrei Costin EURECOM, France 1 st Workshop on Security &amp; Privacy in the Cloud (SPC) 30 Sep 2015, Florence Italy Agenda

640 views • 63 slides
NETWORKS Maria Agroti EPL682 1 1: All Your r Conta tacts ts Are Belong ng to Us: Aut

NETWORKS Maria Agroti EPL682 1 1: All Your r Conta tacts ts Are Belong ng to Us: Aut

SOCIAL NETWORKS Maria Agroti EPL682 1 1: All Your r Conta tacts ts Are Belong ng to Us: Aut utomated ted Identi tity The heft t At Attac acks on Social al Networ orks by: Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin

702 views • 47 slides
Authorship identification in large email collections: Experiments using features that belong to

Authorship identification in large email collections: Experiments using features that belong to

Authorship identification in large email collections: Experiments using features that belong to different linguistic levels George K. Mikros &amp; Kostas Perifanos National and Kapodistrian University of Athens 2 PAN 2011 Lab, 19-22

259 views • 13 slides
and useful for people Krastsvetmet refines all 100% of Krastsvetmet shares belong to the

and useful for people Krastsvetmet refines all 100% of Krastsvetmet shares belong to the

We make precious metals available and useful for people Krastsvetmet refines all 100% of Krastsvetmet shares belong to the Krasnoyarsk precious metals on an Region, a constituent entity industrial scale, processes of the Russian Federation

533 views • 25 slides
I ndigo Partners Branding www.IndigoHQ.com Why branding? Strong brands do not belong to

I ndigo Partners Branding www.IndigoHQ.com Why branding? Strong brands do not belong to

I ndigo Partners Branding www.IndigoHQ.com Why branding? Strong brands do not belong to corporations, but to people Mark Gobe, Author of Emotional Branding They: Create a sense of ownership for those who use and love

692 views • 8 slides
Coming to England Floella Benjamin (1949 - present) laden belong occasion

Coming to England Floella Benjamin (1949 - present) laden belong occasion

Coming to England Floella Benjamin (1949 - present) laden belong occasion lavish wharf eerie landscape various food (pulses, pawpaw, pomsitia, plantain, callaloo, cassavas, gungo peas) Quiz 1. What

329 views • 18 slides
It is a fine thing to belong to a private club based on rejec6on and difference. Ill go a step

It is a fine thing to belong to a private club based on rejec6on and difference. Ill go a step

It is a fine thing to belong to a private club based on rejec6on and difference. Ill go a step further. Excoria6on is the true measure of our merit. James Lee Burke, 2012 PI License 26869 Successfully defended 52 civilians and military

725 views • 43 slides
ALL YOUR API ARE BELONG TO US Paul Hill Everything as a service QCon New York 2014 Paul Hill

ALL YOUR API ARE BELONG TO US Paul Hill Everything as a service QCon New York 2014 Paul Hill

ALL YOUR API ARE BELONG TO US Paul Hill Everything as a service QCon New York 2014 Paul Hill Architect @ KIXEYE Platform Team APIs to power Social Gaming @paulwilliamhill Building a respectable API under fire An Adventure! starring The

370 views • 9 slides
All your packets are belong to us Attacking backbone technologies Daniel Mende &amp; Enno Rey

All your packets are belong to us Attacking backbone technologies Daniel Mende &amp; Enno Rey

All your packets are belong to us Attacking backbone technologies Daniel Mende &amp; Enno Rey {dmende, erey}@ernw.de Who we are Old-school network geeks. Working as security researchers for Germany based ERNW GmbH. Fiddling

630 views • 38 slides
My name is Steve and I go by Dirtpro in the Milsim world. I belong to the Oklahoma Badland

My name is Steve and I go by Dirtpro in the Milsim world. I belong to the Oklahoma Badland

My name is Steve and I go by Dirtpro in the Milsim world. I belong to the Oklahoma Badland Regulators Milsim team, which was formed at Oklahoma Invasion 5 in 2010. From the beginning we have strived to push the authenticity of the Milsim label and

207 views • 5 slides
Where you can belong #belongatbu International student life - Bournemouth Location, location,

Where you can belong #belongatbu International student life - Bournemouth Location, location,

Where you can belong #belongatbu International student life - Bournemouth Location, location, location Bournemouth University is located in a beautiful part of the UK Set in the south of England, right next to 7 miles of sandy beach

308 views • 20 slides
20 20-21 Return to Schools Guid idin ing Prin incip iples Belong.Serve.Succeed

20 20-21 Return to Schools Guid idin ing Prin incip iples Belong.Serve.Succeed

School Dis istrict of Holmen: 20 20-21 Return to Schools Guid idin ing Prin incip iples Belong.Serve.Succeed Preparing students for tomorrow through an engaging and inclusive educational community today. Empowerment Equity

674 views • 26 slides
Back to basics Are your hen, goat, pig and cow where they belong ? Areas of learning, routines

Back to basics Are your hen, goat, pig and cow where they belong ? Areas of learning, routines

24/02/2017 BECERA 2017 Adults Supporting Young Childrens Play Helen Moylett OR Back to basics Are your hen, goat, pig and cow where they belong ? Areas of learning, routines 1 24/02/2017 Where is the love? Play Where are the frolics

539 views • 27 slides

More recommend