http://www.perlmonks.org?node_id=398190

This is just a quick hack on the example that comes with HTTP::Daemon to serve your local perl documentation out with http. I rather like the way ActiveState perl on windows formats the docs, so I did this to read them when I'm working on my linux box.

I realize this is not secure, it is in no way meant to be, it only binds to localhost on port 83 because of this. Open it up to the world at your own discretion. Browsing to http://localhost:83 will give error 501/505 to avoid uninvited guests, you must request http://localhost:83/index.html to load the page.
#!/usr/bin/perl use strict; use warnings; use HTTP::Daemon; use HTTP::Status; my $perldocs = 'c:/Perl/html/'; my $n = "\n"; my $d = HTTP::Daemon->new(LocalAddr=>'localhost',LocalPort=>83) || die +; print "Listening on: <URL:", $d->url, ">\n"; while (my $c = $d->accept) { while (my $r = $c->get_request) { print $r->method." ".$r->url->path.$n; if ($r->method eq 'GET') { -e $perldocs.$r->url->path ? $c->send_file_response($perldocs.$r->url->path) : $c->send_error(RC_NOT_FOUND); } else { $c->send_error(RC_FORBIDDEN) } } $c->close; undef($c); }
I was inspired to post this after seeing perldoc.cgi this morning. Anyone care to merge them?

Replies are listed 'Best First'.
•Re: Serve local perl docs with HTTP::Daemon
by merlyn (Sage) on Oct 11, 2004 at 19:17 UTC
    Browsing to http://localhost:83 will give error 501/505 to avoid uninvited guests, you must request http://localhost:83/index.html to load the page.
    And on a unix box, browsing to http://localhost:83/../../../../etc/passwd will give you your password file. Cool!

    -- Randal L. Schwartz, Perl hacker
    Be sure to read my standard disclaimer if this is a reply.

      a little better.... added $r->url->path =~ s!../!!g;

      #!/usr/bin/perl use strict; use warnings; use HTTP::Daemon; use HTTP::Status; my $perldocs = 'c:/Perl/html/'; my $n = "\n"; my $d = HTTP::Daemon->new(LocalAddr=>'localhost',LocalPort=>83) || die +; print "Listening on: <URL:", $d->url, ">\n"; while (my $c = $d->accept) { while (my $r = $c->get_request) { $r->url->path =~ s!../!!g; print $r->method." ".$r->url->path.$n; if ($r->method eq 'GET') { -e $perldocs.$r->url->path ? $c->send_file_response($perldocs.$r->url->path) : $c->send_error(RC_NOT_FOUND); } else { $c->send_error(RC_FORBIDDEN) } } $c->close; undef($c); }

      No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil, Stargate SG-1

      I think you meant to quote this: I realize this is not secure, it is in no way meant to be... :-) On windows, something like this might be more interesting:
      C:\Documents and Settings\username\Application Data\Microsoft\Outlook\ +username.pst or C:\WINDOWS\system32\config\SYSTEM
      but I'd be more worried about things like windows default exporting your registry or the hidden C$ share...
Re: Serve local perl docs with HTTP::Daemon
by petdance (Parson) on Oct 12, 2004 at 19:58 UTC