Mailing List Archive: Catalyst: Users

How to redirect before some code excute

Index | Next | Previous | View Threaded

fayland at gmail

Oct 25, 2006, 12:50 AM

Post #1 of 24 (811 views)
Permalink

How to redirect before some code excute

i want to redirect before the loop excute , but it seems redirect
happens after the loop finish. is there any plugin or method to do this?

my code
.....

$c->res->redirect(' http://www.yahoo.com' <http://www.yahoo.com%27>);
my $n;
while($n<99999) {
$c->log->debug($n);
$n++;
}
$c->log->debug('asaaaaaaaaaaaa');
........

of course. the while loop is faked. indeed it's something involved with $c.
the logic of Catalyst is run the whole sub over then call end. but I
want to print redirect to visitor then run the while in backend.

is that clear enough?
Thanks for help.

--
Fayland Lam // http://www.fayland.org/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

nom at standen

Oct 25, 2006, 12:56 AM

Post #2 of 24 (803 views)
Permalink

Re: How to redirect before some code excute [In reply to]

It's a subroutine, right?

Tried a return?....such as:

$c->res->redirect('http://www.yahoo.com');
return undef;

fayland wrote:
> i want to redirect before the loop excute , but it seems redirect
> happens after the loop finish. is there any plugin or method to do this?
>
> my code
> .....
>
> $c->res->redirect(' http://www.yahoo.com' <http://www.yahoo.com%27>);
> my $n;
> while($n<99999) {
> $c->log->debug($n);
> $n++;
> }
> $c->log->debug('asaaaaaaaaaaaa');
> ........
> of course. the while loop is faked. indeed it's something involved
> with $c.
> the logic of Catalyst is run the whole sub over then call end. but I
> want to print redirect to visitor then run the while in backend.
>
> is that clear enough?
> Thanks for help.
>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

jon at jrock

Oct 25, 2006, 9:54 AM

Post #3 of 24 (804 views)
Permalink

Re: How to redirect before some code excute [In reply to]

> It's a subroutine, right?
>
> Tried a return?....such as:

What you really want to do is call $c->detach to completely end the
processing chain. Return will still execute end {} actions, and
continue processing up the class hierarchy:

pacakge A;
@ISA = qw(C);
sub foo {
...
print "before ";
$self->NEXT::foo();
print "after ";
}

package C;
sub foo {
...
print "before ";
return;
print "after ";
}

That code will print "before before after" whereas detaching will print
"before before" and then end.

> return undef;

Never return undef. undef in list context is defined and true! just
"return" instead, since that will be undefined in both list and scalar
contexts.

jrockway [at] WS-DAL ~
$ perl -e '@array = (undef); print "true" if @array;'
true
jrockway [at] WS-DAL ~
$ perl -e '@array = (); print "true" if @array;'

Regards,
Jonathan Rockway

--
package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

fayland at gmail

Oct 25, 2006, 6:46 PM

Post #4 of 24 (776 views)
Permalink

Re: How to redirect before some code excute [In reply to]

Lee Standen wrote:
> It's a subroutine, right?
>
> Tried a return?....such as:
>
> $c->res->redirect('http://www.yahoo.com');
> return undef;

Indeed I want to run the 'while' loop in backend. 'return' would not run
the loop I think.

>
>
>
> fayland wrote:
>> i want to redirect before the loop excute , but it seems redirect
>> happens after the loop finish. is there any plugin or method to do this?
>>
>> my code
>> .....
>>
>> $c->res->redirect(' http://www.yahoo.com' <http://www.yahoo.com%27>);
>> my $n;
>> while($n<99999) {
>> $c->log->debug($n);
>> $n++;
>> }
>> $c->log->debug('asaaaaaaaaaaaa');
>> ........ of course. the while loop is faked. indeed it's something
>> involved with $c.
>> the logic of Catalyst is run the whole sub over then call end. but I
>> want to print redirect to visitor then run the while in backend.
>>
>> is that clear enough?
>> Thanks for help.
>>
>
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/
>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

leonard.a.jaffe at jpmchase

Oct 26, 2006, 7:43 AM

Post #5 of 24 (785 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Fayland Lam <fayland [at] gmail> wrote:
>
> Lee Standen wrote:
> > It's a subroutine, right?
> >
> > Tried a return?....such as:
> >
> > $c->res->redirect('http://www.yahoo.com');
> > return undef;
>
> Indeed I want to run the 'while' loop in backend. 'return' would not run

> the loop I think.

Why do you want to run the loop in the background?
What purpose will it serve?

If we can learn your motivation, we can try to find you
At Least One Way To Do It.

Len.

-----------------------------------------
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and
any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is
received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as
applicable, for any loss or damage arising in any way from its use.
If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.

jayk at ion0

Oct 26, 2006, 8:11 AM

Post #6 of 24 (781 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Hi,

I think the idea is to start a long-running process based on a web-
based trigger.... and allow the user to proceed on to do other
things. In other systems a fork() would probably be in order.

I'm curious also - is there a Catalyst specific way of doing
something like that...? and if not, is there any danger in fork()ing
inside a catalyst app?

Jay

On Oct 26, 2006, at 9:43 AM, leonard.a.jaffe [at] jpmchase wrote:

>
> Fayland Lam <fayland [at] gmail> wrote:
> >
> > Lee Standen wrote:
> > > It's a subroutine, right?
> > >
> > > Tried a return?....such as:
> > >
> > > $c->res->redirect('http://www.yahoo.com');
> > > return undef;
> >
> > Indeed I want to run the 'while' loop in backend. 'return' would
> not run
> > the loop I think.
>
> Why do you want to run the loop in the background?
> What purpose will it serve?
>
> If we can learn your motivation, we can try to find you
> At Least One Way To Do It.
>
> Len.
>
>
>
>
> This transmission may contain information that is privileged,
> confidential, legally privileged, and/or exempt from disclosure
> under applicable law. If you are not the intended recipient, you
> are hereby notified that any disclosure, copying, distribution, or
> use of the information contained herein (including any reliance
> thereon) is STRICTLY PROHIBITED. Although this transmission and
> any attachments are believed to be free of any virus or other
> defect that might affect any computer system into which it is
> received and opened, it is the responsibility of the recipient to
> ensure that it is virus free and no responsibility is accepted by
> JPMorgan Chase & Co., its subsidiaries and affiliates, as
> applicable, for any loss or damage arising in any way from its use.
> If you received this transmission in error, please immediately
> contact the sender and destroy the material in its entirety,
> whether in electronic or hard copy format. Thank you.
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/
> catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/

---
"May we not return to those scoundrels of old, the illustrious
founders of superstition and fanaticism, who first took the knife
from the altar to make victims of those who refused to be their
disciples." - Voltaire

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

fireartist at gmail

Oct 26, 2006, 8:15 AM

Post #7 of 24 (787 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

On 26/10/06, leonard.a.jaffe [at] jpmchase <leonard.a.jaffe [at] jpmchase> wrote:
>
> Fayland Lam <fayland [at] gmail> wrote:
> >
> > Lee Standen wrote:
> > > It's a subroutine, right?
> > >
> > > Tried a return?....such as:
> > >
> > > $c->res->redirect('http://www.yahoo.com');
> > > return undef;
> >
> > Indeed I want to run the 'while' loop in backend. 'return' would not run
> > the loop I think.
>
> Why do you want to run the loop in the background?
> What purpose will it serve?
>
> If we can learn your motivation, we can try to find you
> At Least One Way To Do It.

It's not that unusual to want to send a response before doing
expensive operations, so that the user doesn't have to wait.

Does fork() play well with catalyst? (I've not yet had a need to try it myself)

Carl

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

claco at chrislaco

Oct 26, 2006, 8:26 AM

Post #8 of 24 (772 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Carl Franks wrote:
> On 26/10/06, leonard.a.jaffe [at] jpmchase <leonard.a.jaffe [at] jpmchase>
> wrote:
>>
>> Fayland Lam <fayland [at] gmail> wrote:
>> >
>> > Lee Standen wrote:
>> > > It's a subroutine, right?
>> > >
>> > > Tried a return?....such as:
>> > >
>> > > $c->res->redirect('http://www.yahoo.com');
>> > > return undef;
>> >
>> > Indeed I want to run the 'while' loop in backend. 'return' would not
>> run
>> > the loop I think.
>>
>> Why do you want to run the loop in the background?
>> What purpose will it serve?
>>
>> If we can learn your motivation, we can try to find you
>> At Least One Way To Do It.
>
> It's not that unusual to want to send a response before doing
> expensive operations, so that the user doesn't have to wait.
>
> Does fork() play well with catalyst? (I've not yet had a need to try it
> myself)
>
> Carl

Personally, rather than fork, I'd suggest some sort of message/request
queue.

-=Chris

Attachments:

signature.asc (0.18 KB)

dbix-class at trout

Oct 26, 2006, 8:40 AM

Post #9 of 24 (774 views)
Permalink

Re: How to redirect before some code excute [In reply to]

Jonathan Rockway wrote:
>> It's a subroutine, right?
>>
>> Tried a return?....such as:
>
> What you really want to do is call $c->detach to completely end the
> processing chain. Return will still execute end {} actions, and
> continue processing up the class hierarchy:

detach in the main processing stage will still lead to end actions being
executed, too.

--
Matt S Trout Offering custom development, consultancy and support
Technical Director contracts for Catalyst, DBIx::Class and BAST. Contact
Shadowcat Systems Ltd. mst (at) shadowcatsystems.co.uk for more information

+ Help us build a better perl ORM: http://dbix-class.shadowcatsystems.co.uk/ +

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

dbix-class at trout

Oct 26, 2006, 8:42 AM

Post #10 of 24 (781 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Fayland Lam wrote:
> Lee Standen wrote:
>> It's a subroutine, right?
>>
>> Tried a return?....such as:
>>
>> $c->res->redirect('http://www.yahoo.com');
>> return undef;
>
> Indeed I want to run the 'while' loop in backend. 'return' would not run
> the loop I think.

$c->res->redirect(...);
$c->finalize_headers;

<while loop or whatever here>

might do the trick

--
Matt S Trout Offering custom development, consultancy and support
Technical Director contracts for Catalyst, DBIx::Class and BAST. Contact
Shadowcat Systems Ltd. mst (at) shadowcatsystems.co.uk for more information

+ Help us build a better perl ORM: http://dbix-class.shadowcatsystems.co.uk/ +

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

jon at jrock

Oct 26, 2006, 8:59 AM

Post #11 of 24 (778 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

There's also an experimental Job Queue in svn trunk. Basically the goal
is to allow you to do something like $c->at("now")->do { ... code ... },
but it doesn't quite work like that right now.

>> Indeed I want to run the 'while' loop in backend. 'return' would not
>> run the loop I think.

--
package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

mark at zzo

Oct 26, 2006, 9:52 AM

Post #12 of 24 (791 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Ajax.
Mark

Christopher H. Laco wrote:
> Carl Franks wrote:
>> On 26/10/06, leonard.a.jaffe [at] jpmchase <leonard.a.jaffe [at] jpmchase>
>> wrote:
>>> Fayland Lam <fayland [at] gmail> wrote:
>>>> Lee Standen wrote:
>>>>> It's a subroutine, right?
>>>>>
>>>>> Tried a return?....such as:
>>>>>
>>>>> $c->res->redirect('http://www.yahoo.com');
>>>>> return undef;
>>>> Indeed I want to run the 'while' loop in backend. 'return' would not
>>> run
>>>> the loop I think.
>>> Why do you want to run the loop in the background?
>>> What purpose will it serve?
>>>
>>> If we can learn your motivation, we can try to find you
>>> At Least One Way To Do It.
>> It's not that unusual to want to send a response before doing
>> expensive operations, so that the user doesn't have to wait.
>>
>> Does fork() play well with catalyst? (I've not yet had a need to try it
>> myself)
>>
>> Carl
>
> Personally, rather than fork, I'd suggest some sort of message/request
> queue.
>
> -=Chris
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

Wade.Stuart at fallon

Oct 26, 2006, 10:04 AM

Post #13 of 24 (773 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

]

"Carl Franks" <fireartist [at] gmail> wrote on 10/26/2006 10:15:18 AM:

> On 26/10/06, leonard.a.jaffe [at] jpmchase <leonard.a.jaffe [at] jpmchase
> com> wrote:
> >
> > Fayland Lam <fayland [at] gmail> wrote:
> > >
> > > Lee Standen wrote:
> > > > It's a subroutine, right?
> > > >
> > > > Tried a return?....such as:
> > > >
> > > > $c->res->redirect('http://www.yahoo.com');
> > > > return undef;
> > >
> > > Indeed I want to run the 'while' loop in backend. 'return' would not
run
> > > the loop I think.
> >
> > Why do you want to run the loop in the background?
> > What purpose will it serve?
> >
> > If we can learn your motivation, we can try to find you
> > At Least One Way To Do It.
>
> It's not that unusual to want to send a response before doing
> expensive operations, so that the user doesn't have to wait.
>
> Does fork() play well with catalyst? (I've not yet had a need to tryit
myself)

I never have tried fork() here. I use mod_perl and it seems silly to hold
a MP proc hostage for long running tasks, I usually insert a command queue
into a database and have an external script (daemon) run the queue and
update the status/results. This allows for very long running external
commands that are not imposing on your mod_perl config, and also has the
added benefit of allowing to distribute those commands across multiple
machines if need be.

>
> Carl

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

pagaltzis at gmx

Oct 26, 2006, 10:44 AM

Post #14 of 24 (768 views)
Permalink

Re: How to redirect before some code excute [In reply to]

* Mark Ethan Trostler <mark [at] zzo> [2006-10-26 19:00]:
> Christopher H. Laco wrote:
>> Personally, rather than fork, I'd suggest some sort of
>> message/request queue.
>
> Ajax.

Some people, when confronted with a problem, think “I know, I’ll
use Javascript.” Now they have two problems.

(With apologies to Jamie Zawinski.)

Regards,
--
Aristotle Pagaltzis // <http://plasmasturm.org/>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

rbroom+catalyst at rbroom

Oct 26, 2006, 10:50 AM

Post #15 of 24 (788 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

How about system("$cmd &") ?

If the job can handle it, I tend to agree with the job-queue aproach. This can provide other forward gains like being able to distribute the work over multiple systems.

---
Rodney Broom

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

mark at zzo

Oct 26, 2006, 11:17 AM

Post #16 of 24 (773 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Perhaps.
I 'system("nohup ... >& /tmp/file &")'
& my page makes ajax calls that gathers /tmp/file & ships it back.
There's some more logic around ensuring the process doesn't get started
twice & bob's yer uncle.
Mark

For another project I am using activemq & Net::Stomp (& Catalyst) to
send/receive requests which also works well. Depends how crazy you
wanna get.

A. Pagaltzis wrote:
> * Mark Ethan Trostler <mark [at] zzo> [2006-10-26 19:00]:
>> Christopher H. Laco wrote:
>>> Personally, rather than fork, I'd suggest some sort of
>>> message/request queue.
>> Ajax.
>
> Some people, when confronted with a problem, think “I know, I’ll
> use Javascript.” Now they have two problems.
>
> (With apologies to Jamie Zawinski.)
>
> Regards,

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

jon at jrock

Oct 26, 2006, 12:03 PM

Post #17 of 24 (770 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

> system("$cmd &");
> I 'system("nohup ... >& /tmp/file &")'

Please, no scalar system() calls in a web application. Thanks.

--
package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

rbroom+catalyst at rbroom

Oct 26, 2006, 12:34 PM

Post #18 of 24 (767 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

From: "Jonathan Rockway" <jon [at] jrock>

> > system("$cmd &");
> > I 'system("nohup ... >& /tmp/file &")'
>
> Please, no scalar system() calls in a web application. Thanks.

How come?

---
Rodney Broom

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

jon at jrock

Oct 26, 2006, 1:01 PM

Post #19 of 24 (770 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

> How come?

I recommend reading "perldoc perlsec". The one-argument form of
C<system> invokes the system's shell to process the command (usually),
leading to a number of possible security problems. Basically you're
entering into the fun game of trying to escape all possible bad inputs,
which is pretty close to impossible.

You can do better if you use the list form:

system('date', '+%s');

That will call execvp directly, meaning that quotes, slashes, etc.
become meaningless.

There's still a subtle security problem, though. If $ENV{PATH} happens
to be some place that an attacker can write (maybe /tmp if file uploads
are allowed), then a 'date' in there could be executable code or a shell
script, or whatever.

Anyway, you *can* invoke the shell from your app, but you're playing
with fire and should be aware of the risks.

--
package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

rbroom+catalyst at rbroom

Oct 26, 2006, 1:39 PM

Post #20 of 24 (767 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

Ah, injection. Yes, you're completely right. My meaning in $cmd was to say, "whatever your command is"

Personally, I tend to only only interpret input, as apposed to using it directly. ie;
$cmd_to_run = $allowed_commands{$input_cmd_menu_item}

...but now I'm OT. ;)

---
Rodney Broom

----- Original Message -----
From: "Jonathan Rockway" <jon [at] jrock>
To: "The elegant MVC web framework" <catalyst [at] lists>
Sent: Thursday, October 26, 2006 13:01
Subject: Re: [Catalyst] Re: How to redirect before some code excute

> > How come?
>
> I recommend reading "perldoc perlsec". The one-argument form of
> C<system> invokes the system's shell to process the command (usually),
> leading to a number of possible security problems. Basically you're
> entering into the fun game of trying to escape all possible bad inputs,
> which is pretty close to impossible.
>
> You can do better if you use the list form:
>
> system('date', '+%s');
>
> That will call execvp directly, meaning that quotes, slashes, etc.
> become meaningless.
>
> There's still a subtle security problem, though. If $ENV{PATH} happens
> to be some place that an attacker can write (maybe /tmp if file uploads
> are allowed), then a 'date' in there could be executable code or a shell
> script, or whatever.
>
> Anyway, you *can* invoke the shell from your app, but you're playing
> with fire and should be aware of the risks.
>
> --
> package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
> $,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
> ";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/
>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

omega at palle

Oct 26, 2006, 2:57 PM

Post #21 of 24 (786 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

I had to do something similar for a client recently, and although
that clients codebase isnt catalyst, I still think my findings might
be relative enough.

What I ended up doing was writing a (very) small POE server,
listening on HTTP for commands. This server then simply returns
whenever it gets a request, after queueing the job. They both use the
same DB, so whenever the jobserver(poe thingy) is done, it updates a
field in the DB with status.

On the frontendserver I then refresh the status either with ajax or
with page refreshes (if you care how the job went).

I think this approach is quite flexible, as it allows me (if needed)
to split the proces on two machines, and I dont have to worry about
forking etc, since the poe server is single process. Admittedly my
jobs are all run on a 3rd server (running windows), so I only have to
do a small tcp-call to check the job-status from the poe-server, so
if you have really long running jobs, this might not be enough after
all, but POE has some cookbook examples of running long running jobs
that might help you.

If you want to take a look at some of the POE stuff I did, just let
me know.

andreas

On 26. okt. 2006, at 17.11, Jay K wrote:

> Hi,
>
> I think the idea is to start a long-running process based on a web-
> based trigger.... and allow the user to proceed on to do other
> things. In other systems a fork() would probably be in order.
>
> I'm curious also - is there a Catalyst specific way of doing
> something like that...? and if not, is there any danger in fork()ing
> inside a catalyst app?
>
> Jay
>
> On Oct 26, 2006, at 9:43 AM, leonard.a.jaffe [at] jpmchase wrote:
>
>>
>> Fayland Lam <fayland [at] gmail> wrote:
>> >
>> > Lee Standen wrote:
>> > > It's a subroutine, right?
>> > >
>> > > Tried a return?....such as:
>> > >
>> > > $c->res->redirect('http://www.yahoo.com');
>> > > return undef;
>> >
>> > Indeed I want to run the 'while' loop in backend. 'return' would
>> not run
>> > the loop I think.
>>
>> Why do you want to run the loop in the background?
>> What purpose will it serve?
>>
>> If we can learn your motivation, we can try to find you
>> At Least One Way To Do It.
>>
>> Len.
>>
>>
>>
>>
>> This transmission may contain information that is privileged,
>> confidential, legally privileged, and/or exempt from disclosure
>> under applicable law. If you are not the intended recipient, you
>> are hereby notified that any disclosure, copying, distribution, or
>> use of the information contained herein (including any reliance
>> thereon) is STRICTLY PROHIBITED. Although this transmission and
>> any attachments are believed to be free of any virus or other
>> defect that might affect any computer system into which it is
>> received and opened, it is the responsibility of the recipient to
>> ensure that it is virus free and no responsibility is accepted by
>> JPMorgan Chase & Co., its subsidiaries and affiliates, as
>> applicable, for any loss or damage arising in any way from its use.
>> If you received this transmission in error, please immediately
>> contact the sender and destroy the material in its entirety,
>> whether in electronic or hard copy format. Thank you.
>>
>> _______________________________________________
>> List: Catalyst [at] lists
>> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
>> Searchable archive: http://www.mail-archive.com/
>> catalyst [at] lists/
>> Dev site: http://dev.catalyst.perl.org/
>
> ---
> "May we not return to those scoundrels of old, the illustrious
> founders of superstition and fanaticism, who first took the knife
> from the altar to make victims of those who refused to be their
> disciples." - Voltaire
>
>
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/
> catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

fayland at gmail

Oct 26, 2006, 5:08 PM

Post #22 of 24 (773 views)
Permalink

Re: How to redirect before some code excute [In reply to]

Matt S Trout wrote:
> Fayland Lam wrote:
>> Lee Standen wrote:
>>> It's a subroutine, right?
>>>
>>> Tried a return?....such as:
>>>
>>> $c->res->redirect('http://www.yahoo.com');
>>> return undef;
>>
>> Indeed I want to run the 'while' loop in backend. 'return' would not
>> run the loop I think.
>
> $c->res->redirect(...);
> $c->finalize_headers;
>
> <while loop or whatever here>
>
> might do the trick
>

no, it doesn't work. maybe there is something concerned with 'butter',
it's not sent immediately.
and I use mod_perl2, so I'd like to have a try of system.
Thanks any way.

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

pagaltzis at gmx

Oct 26, 2006, 5:17 PM

Post #23 of 24 (790 views)
Permalink

Re: How to redirect before some code excute [In reply to]

* Jonathan Rockway <jon [at] jrock> [2006-10-26 22:10]:
> Basically you're entering into the fun game of trying to escape
> all possible bad inputs, which is pretty close to impossible.

Quoting for Unix shells is easy to get right: you turn all single
quotes in the string into the sequence

'\''

then surround the string with single quotes. That’s it, you’re
done.

> You can do better if you use the list form:
>
> system('date', '+%s');
>
> That will call execvp directly, meaning that quotes, slashes,
> etc. become meaningless.

Except then you can’t use `&` at the end of the command to put it
in the background as in the original suggestion, because that
requires shell to interpret the command.

> Anyway, you *can* invoke the shell from your app, but you're
> playing with fire and should be aware of the risks.

In general I would agree that shell should be avoided whenever
possible, simply because the fewer moving parts you have, the
more robust the overall system is. But when it really makes sense
to rely on shell, you shouldn’t fear using it either – certainly
it isn’t any more dangerous than any other instance of the
strings problem.

Regards,
--
Aristotle Pagaltzis // <http://plasmasturm.org/>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

edencardim at gmail

Oct 27, 2006, 9:25 AM

Post #24 of 24 (777 views)
Permalink

Re: Re: How to redirect before some code excute [In reply to]

On 10/26/06, Fayland Lam <fayland [at] gmail> wrote:
> Matt S Trout wrote:
> > Fayland Lam wrote:
> >> Lee Standen wrote:
> >>> It's a subroutine, right?
> >>>
> >>> Tried a return?....such as:
> >>>
> >>> $c->res->redirect('http://www.yahoo.com');
> >>> return undef;
> >>
> >> Indeed I want to run the 'while' loop in backend. 'return' would not
> >> run the loop I think.
> >
> > $c->res->redirect(...);
> > $c->finalize_headers;
> >
> > <while loop or whatever here>
> >
> > might do the trick
> >
>
> no, it doesn't work. maybe there is something concerned with 'butter',
> it's not sent immediately.
> and I use mod_perl2, so I'd like to have a try of system.
> Thanks any way.

It works if you manage to run your stuff after Catalyst calls
$c->finalize() in handle_request(). Funny, I just wrote a hack, err,
plugin yesterday which gives me the option to set up a hook that's
called right after $c->finalize(). I'm not sure if this is the correct
way to do it or if there are any side-effects, if any of the more
experient Catalyst users/developers think its a good idea for a
plugin, let me know and I'll can carve it up and release it.
I use mod_perl and haven't had any trouble so far, this approach lets
me delegate all the pre-fork management to apache. I have a Catalyst
front-end which adds jobs to a queue like mentioned before in the
thread and a another Catalyst server running XMLRPC that gets notified
about incoming jobs and runs them after responding to the XMLRPC
notification.

In MyApp.pm:
use Catalyst qw/AfterFinalize/;

In a controller action somewhere:
sub myaction : Local {
$c->res->body('running job');
$c->after_finalize(sub { run_job() } );
}

--
Eden Cardim
Instituto Baiano de Biotecnologia
N�cleo de Biologia Computacional e Gest�o de Informa��es Biotecnol�gicas
Laborat�rio de Bioinform�tica
--
"you seem to think that 'close enough' is close enough...
please learn to be 'literal' around programming."
merlyn - on irc.freenode.net#perl

Attachments:

AfterFinalize.pm (0.37 KB)

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads