This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -u Catalyst/Request.pm.orig Catalyst/Request.pm | |
--- Catalyst/Request.pm.orig 2020-10-06 10:17:47.549710876 +0100 | |
+++ Catalyst/Request.pm 2020-10-06 10:17:31.352855930 +0100 | |
@@ -130,6 +130,7 @@ | |
if($match) { | |
my $fh = $self->body; | |
+ seek($fh,0,0); | |
local $_ = $fh; | |
return $self->data_handlers->{$match}->($fh, $self); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package MyApp; | |
... | |
use Catalyst qw/ | |
ConfigLoader | |
Static::Simple | |
Authentication | |
Authorization::Roles |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- Catalyst/Plugin/Session/State/Cookie.pm.orig 2020-08-07 15:40:56.855643211 +0100 | |
+++ Catalyst/Plugin/Session/State/Cookie.pm 2020-08-07 11:53:35.131890154 +0100 | |
@@ -81,6 +81,10 @@ | |
$cookie->{httponly} = 1 | |
unless defined $cookie->{httponly}; # default = 1 (set httponly) | |
+ $cookie->{samesite} = $cfg->{cookie_samesite}; | |
+ $cookie->{samesite} = "Lax" | |
+ unless defined $cookie->{ samesite}; # default = Lax | |
+ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Unit] | |
Description=Gitea (Git with a cup of tea) | |
After=syslog.target | |
After=network.target | |
#After=mysqld.service | |
#After=postgresql.service | |
#After=memcached.service | |
#After=redis.service | |
[Service] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Rate limit login attempts - after 3 failures, include a captcha | |
When prompting for the username/email address, provide the same response if the username exists as if it doesn't exist. "An email has been sent to x---@y----.--- with instructions" This prevents username enumeration. | |
Token generation - create a token, send it by email and store a HASHED version of the token (plain SHA-2 is sufficient) in the database. | |
Token should expire within 2 hours, perhaps only 30 minutes. | |
The email should include: | |
- a link to the password reset page to get a new token if the old one has expired | |
- the requestors IP address |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use DBIx::Class::DeploymentHandler; | |
# (removed standard Catalyst app module stuff) | |
# Start the application | |
__PACKAGE__->setup(); | |
my $model = __PACKAGE__->model('DB'); | |
my $dh = DBIx::Class::DeploymentHandler->new({ | |
schema => $model->schema, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
package SomeResult; | |
use strict; | |
use warnings; | |
use base 'DBIx::Class::Core'; | |
__PACKAGE__->table("foo"); | |
__PACKAGE__->add_columns( | |
foo_id => { | |
data_type => "integer", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cpanm (App::cpanminus) 1.7040 on perl 5.020001 built for x86_64-linux | |
Work directory is /home/cat/.cpanm/work/1477423518.6044 | |
You have make /usr/bin/make | |
You have LWP 6.15 | |
You have /bin/tar: tar (GNU tar) 1.23 | |
Copyright (C) 2010 Free Software Foundation, Inc. | |
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>. | |
This is free software: you are free to change and redistribute it. | |
There is NO WARRANTY, to the extent permitted by law. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package MyApp::Controller::Root; | |
use Moose; | |
use namespace::autoclean; | |
BEGIN { extends 'Catalyst::Controller' } | |
__PACKAGE__->config(namespace => ''); | |
sub chain_root :Chained('/') :PathPart('') :CaptureArgs(0) { | |
my ($self,$c) = @_; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package MyApp::Base; | |
sub new { | |
my $class = shift; | |
my $self = { abc => "def", xyz => "123" }; | |
bless $self, $class; | |
return $self; | |
} | |
sub get_abc { |