This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Perl"

From OWASP
Jump to: navigation, search
m
m
Line 24: Line 24:
 
Authentication modules will often be framework specific so let's list those.  
 
Authentication modules will often be framework specific so let's list those.  
  
{| border="1" width="200" cellspacing="1" cellpadding="1"
+
{| border="1" cellspacing="1" cellpadding="1" style="width: 614px; height: 220px;"
 
|+ Perl web frameworks and their security mechanisms  
 
|+ Perl web frameworks and their security mechanisms  
 
|-
 
|-
Line 36: Line 36:
 
|-
 
|-
 
| [http://cgi-app.org/ CGI::Application]  
 
| [http://cgi-app.org/ CGI::Application]  
| <br>  
+
| [http://search.cpan.org/perldoc?CGI::Application::Plugin::Authentication CGI::Application::Plugin::Authentication<br>]
| <br>
+
| [http://search.cpan.org/perldoc?CGI::Application::Plugin::Authorization CGI::Application::Plugin::Authorization]<br>
 
|-
 
|-
 
| [http://jifty.org/view/HomePage Jifty]  
 
| [http://jifty.org/view/HomePage Jifty]  

Revision as of 18:24, 1 July 2010

This page should collect together any resources relating to Perl and OWASP or security in general.

It is perhaps odd that this page is so new:

  1. Perl has long been an open source language and often associated with the internet.
  2. It offers what seems to be a much under-used method of combating many sorts of exploit namely taint mode. This forces every "input" to the program to be checked for malign influences before it is allowed to effect the "outside" of the program.

Possible perl OWASP projects

  1. Perl ports of multi-language OWASP projects, for example AntiSamy.
  2. Review of CPAN modules according to OWASP standards, for example CGI::Application::Plugin::Authentication.
  3. A perl module to measure the strength of passwords.

Perl resources

  1. Perl security man page
  2. Perl Monks
  3. Security Issues in Perl Scripts by Jordan Dimov

Perl modules

Web frameworks

Authentication modules will often be framework specific so let's list those.

Perl web frameworks and their security mechanisms
Framework Authentication Authorization
Catalyst Catalyst::Plugin::Authentication
The same module also covers authorization via the concept of realms.
CGI::Application CGI::Application::Plugin::Authentication
CGI::Application::Plugin::Authorization
Jifty

Mojolicious

Dancer

Authentication

Authorization

HTML validation

Password strength