view release on metacpan or  search on metacpan

lib/Apache/JumpByReferer.pm  view on Meta::CPAN

			my ($reg, $loc) = quotewords('\s+', 0, $1);
			if ($loc =~ /^\s*$/) {
				$r->server->log->info("$file line $i: parse error");
				next;
			}
			my $buf = $reg;
			$buf =~ s|(?<!\\)/|\\/|g;
			{ # testing the regular expressions
				local $@;
				eval '/' . $buf . '/';
				if ($@) {
					$r->server->log->alert(
						"$file line $i: \"$reg\" is invalid regexp"
					);
					next;
				}
			}
			$DATA{$file}->{$reg} = $loc;
		} else {
			$r->server->log->info(
				"$file line $i: parse error"
			);
		}
	}
	close $fh;
	$DATA{$file};
}

1;
__END__

=pod

=head1 NAME

Apache::JumpByReferer - Jump or block by Referer header field

=head1 SYNOPSIS

You need to compile mod_perl with PERL_ACCESS (or EVERYTHING) enabled.
And write the setting like below:

in httpd.conf

 <Directory /protected/directory/>
   PerlAccessHandler Apache::JumpByReferer
   PerlSetVar        RefererListFile conf/jump.conf
   PerlSetVar        JumpByReferer   On
 </Directory>

in RefererListFile (conf/jump.conf)

 # Syntax:
 # Referer Regex                       URL to Jump (or forbidden)

 http://malicious\.site\.example\.com/ http://goodbye.example.com/
 http://another\.malicious\.site/      forbidden
 http://ime\.nu/                       forbidden
 http://[^.]+\.google\.([^/]+)/        /hello_googler.html
 http://[^.]+\.yahoo\.([^/]+)/         /do_you_yahoo/?
 "Field blocked by"                    /do/not/block/the/field/

=head1 DESCRIPTION

Apache::JumpByReferer is an access phase handler of Apache + mod_perl.
You can block or let the user jump to another URL if the user was
coming from your specified web site.

This handler will cache the settings at the first time calling, and
check the last-modified time of the C<RefererListFile>, and will
re-cache the settings when the file was modified after the last cached
time. That is to say, you can always rewrite to change your settings.

Write a regular expressions (I<REGEX>) of your specified URL in the
C<RefererListFile>, and join a URL to jump behind the I<REGEX> in the
blank(s) if you want to let B<jump> the user.
Write and join C<Forbidden> (case insensitive) string behind the
I<REGEX> in the blank(s) if you don't want to access to the directory.

=head1 DIRECTIVES

=over 4

=item * PerlSetVar JumpByReferer ( On | Off )

C<JumpByReferer> is a switch to work of this handler. You must write
C<On> or C<Off> (case insensitive) value to this directive. It returns
DECLINED and will not work if the directive is not set to C<On>.

=item * PerlSetVar RefererListFile FILENAME

You must write your settings to C<RefererListFile>. The file must be
readable for the user and group of settings of Apache C<User> and
C<Group> directive.

=back

=head1 SYNTAX OF RefererListFile

You should write a valid I<REGEX> from line-head. The I<REGEX> will be
tested to check it is valid, and cached on this namespace with
timestamp of the modified time. But won't be cached if the I<REGEX> is
invalid.

and write the jumping URL or C<Forbidden> behind the I<REGEX>.

If you want to write a I<REGEX> which is including some space
character, you have to quote it. If you don't quote it, the parsing of
the text is failed.

This handler will do C<internal_redirect()> if the URL is internal
of own server. And this handler will print a C<Location> header with
C<REDIRECT> status if the URL is external. The judgement of it, an
external URL is started from C<http(s)://>, or an internal URI is
started from others.

The comment line is started by C<#> character, and it will be ignored
a blank line.

=head1 NOTES