Re: Moving ExecCGI to mod_perl - performance and custom 'modules' [EXT]

2021-02-09 Thread Clive Eisen
> On 9 Feb 2021, at 19:16, Rafael Caceres wrote: > > Another thing that can be done is keep the app server + DB inside your LAN > and place a reverse proxy on your DMZ, that adds some level of protection. Not really - the only protection is if all your apis or web pages are secure - the reve

Re: Moving ExecCGI to mod_perl - performance and custom 'modules' [EXT]

2021-02-09 Thread Clive Eisen
> On 9 Feb 2021, at 18:45, James Smith wrote: > > It doesn't matter what db - and whether you wrap it in eval it is a problem > (postgres has a similar problem - the one with least problems is MySQL) - if > you have a secure environment where your databases are in a firewalled zone > it will

Re: Future MPM Support?

2018-06-07 Thread Clive Eisen
> On 7 Jun 2018, at 19:13, David Hodgkinson wrote: > > No. Different concept. > > On 7 Jun 2018, at 18:52, John Dunlap mailto:j...@lariat.co>> > wrote: > >> Is Plack backwards compatible with mod_perl? >> >> On Thu, Jun 7, 2018 at 5:44 PM, David Hodgkinson > > wrot

Re: unsubscribe

2017-08-07 Thread Clive Eisen
Quite AND the info is in the headers of EVERY email -- Clive Eisen GPG: 75056DD0 > On 7 Aug 2017, at 13:39, André Warnier (tomcat) wrote: > > On 07.08.2017 14:30, Timon Roth wrote: >> unsubscribe > > See : http://perl.apache.org/maillist/modperl.html#Sub

Re: capture exception

2017-05-30 Thread Clive Eisen
Let’s agree to differ -- Clive Eisen GPG: 75056DD0 > On 30 May 2017, at 19:36, Dirk-Willem van Gulik wrote: > > On 30 May 2017, at 19:52, Clive Eisen wrote: > >> From my servers - data >> >> From anyone else's - user input > > A few years a

Re: capture exception

2017-05-30 Thread Clive Eisen
From my servers - data From anyone else's - user input -- Clive Eisen GPG: 75056DD0 > On 30 May 2017, at 18:47, Ruben Safir wrote: > > On Tue, May 30, 2017 at 05:10:17PM +0100, Clive Eisen wrote: >> It is only a security hole if you eval user input. >> >

Re: capture exception

2017-05-30 Thread Clive Eisen
It is only a security hole if you eval user input. -- Clive Eisen GPG: 75056DD0 > On 30 May 2017, at 17:00, Hiram Gibbard wrote: > > I might be hijacking this... Sorry, but...I recently used the Perl eval > function to determine if a ldap search returned a error or not.

Re: Alternatives to CGI perl module

2016-09-11 Thread Clive Eisen
I ca only speak for Dancer2 - I imagine they are all similar > On 11 Sep 2016, at 15:55, Igor Chudov wrote: > > Eugene, sorry for my ignorant questions. > > I see several of these frameworks. > > Is that correct that the result of setting up and programming the framework > is a running perl sc

Re: Alternatives to CGI perl module

2016-09-10 Thread Clive Eisen
> On 10 Sep 2016, at 15:41, Paul Johnson wrote: > > I'd probably choose Dancer2 for new work now myself, but if you want 20 > year support you might prefer looking towards Catalyst, or perhaps even > building something for yourself on top of Plack. > +1 for Dancer2 And proxy to it with nginx t

Re: random token re-used in subsequent requests

2016-05-17 Thread Clive Eisen
before generating your ‘random’ code The issue will almost certainly go away -- Clive Eisen GPG: 75056DD0 > On 17 May 2016, at 13:11, Vincent Veyron wrote: > > On Tue, 17 May 2016 10:16:43 +0200 > André Warnier wrote: >> >> I don't see above any signifian