Provided by: libcgi-application-plugin-requiressl-perl_0.04-3_all bug

NAME

       CGI::Application::Plugin::RequireSSL - Force SSL in specified pages or modules

VERSION

       Version 0.04

SYNOPSIS

           use CGI::Application::Plugin::RequireSSL;

           sub login_form :RequireSSL {
               my $self = shift;
               # etc
           }

DESCRIPTION

       CGI::Application::Plugin::RequireSSL allows individual run modes or whole modules to be
       protected by SSL. If a standard HTTP request is received, you can specify whether an error
       is raised or if the request should be redirected to the HTTPS equivalent URL.

EXPORT

       Exported methods:
           config_requiressl, mode_redirect

USAGE

   run mode-level protection
       run mode protection is specified by the RequireSSL attribute after the method name:

           sub process_login :RequireSSL {
               my $self = shift;
           }

   Module-level protection
       You can protect a complete module by setting the 'require_ssl' parameter in your instance
       script:

           use MyApp;
           my $webapp = MyApp->new(
               PARAMS => {require_ssl => 1}
           );
           $webapp->run();

   Redirecting to a protected URL.
       By default, an error is raised if a request is made to a protected run mode or module
       using HTTP. However, you can specify that the request is redirected to the HTTPS url by
       setting the rewrite_to_ssl parameter as long as the requested method is not POST:

           my $webapp = MyApp->new(
               PARAMS => {rewrite_to_ssl => 1}
           );

   Turning off checks.
       If you need to turn off checks, simply set the ignore_check parameter when configuring the
       plugin (see "config_requiressl" below).

   Reverting to HTTP
       Once a successful request is made to a protected run mode or module, subsequent requests
       to a non-protected run mode or module will revert to using HTTP.  To prevent this from
       happening, set the parameter keep_in_ssl in the configuration (see "config_requiressl"
       below)

METHODS

   config_requiressl
       Optionally configure the plugin in your cgiapp_init method

           $self->config_requiressl(
               keep_in_ssl => 0,
               ignore_check => 0,
           )

       Valid parameters are:

       •   keep_in_ssl - if set, all subsequent requests following one to a protected run mode or
           module will be via HTTPS.

       •   ignore_check - ignore SSL schecking. This is useful if your application is deployed in
           an environment that doesn't support SSL.

   mode_redirect
       This is a run mode that will be automatically called if the request should be redirected
       to the equivalent HTTP or HTTPS URL. You should not call it directly.

AUTHOR

       Dan Horne, "<dhorne at cpan.org>"

BUGS

       Please report any bugs or feature requests to "bug-cgi-application-plugin-requiressl at
       rt.cpan.org", or through the web interface at
       <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=CGI-Application-Plugin-RequireSSL>.  I
       will be notified, and then you'll automatically be notified of progress on your bug as I
       make changes.

CAVEAT

       This module been tested under the FastCGI persistent environment, but not under mod_perl.
       The author would apprecaute feedback from anyone who is able to test with that
       environment.

SUPPORT

       You can find documentation for this module with the perldoc command.

           perldoc CGI::Application::Plugin::RequireSSL

       You can also look for information at:

       •   AnnoCPAN: Annotated CPAN documentation

           <http://annocpan.org/dist/CGI-Application-Plugin-RequireSSL>

       •   CPAN Ratings

           <http://cpanratings.perl.org/d/CGI-Application-Plugin-RequireSSL>

       •   RT: CPAN's request tracker

           <http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Application-Plugin-RequireSSL>

       •   Search CPAN

           <http://search.cpan.org/dist/CGI-Application-Plugin-RequireSSL>

ACKNOWLEDGEMENTS

       •   Users of the CGI::Application wiki (http://www.cgi-app.org) who requested this module.

       •   Andy Grundman - I stole the idea of the keep_in_ssl parameter from his
           Catalyst::Plugin::RequireSSL module

COPYRIGHT & LICENSE

       Copyright 2007 Dan Horne, all rights reserved.

       This program is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself.