Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: Recommendations for client-side state management

by jdrago999 (Pilgrim)
on Nov 23, 2011 at 01:54 UTC ( #939578=note: print w/replies, xml ) Need Help??

in reply to Recommendations for client-side state management

Another option: convert the data to a JSON string base64-encoded JSON string, then sign the string.

use JSON::XS; use Digest::MD5 'md5_hex'; use MIME::Base64; my $signing_key = '//Sw0rdFiSh//'; my $data = { first_name => 'Will', last_name => 'Smith', age => 39, }; my $json_string = encode_json( $data ); my $signature = md5_hex( $signing_key . $json_string ); my $base64_encoded = encode_base64( $json_string, '' ); # Send the encoded data and the signature in the HTML as hidden fields print <<"HTML"; <input type="hidden" name="_signature" value="@{[ $signature ]}" /> <input type="hidden" name="_data" value="@{[ $base64_encoded ]}" /> HTML

Later, when processing the stored data on another step:

my $json_string = decode_base64( $q->param('_data') ); my $new_signature = md5_hex( $signing_key . $json_string ); unless( $new_signature eq $q->param('_signature') ) { die "The data has been tampered with"; }# end unless()

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939578]
[stevieb]: found a issue in MetaCPAN::Client though today for my revdep tests. At least I think it's an issue
[stevieb]: I'm working on hiding the fact the software needs MetaCPAN::Client, as I often have a hell of a time installing it. I'm going to change it to let the user know if they do revdep that it needs to be installed, and remove that distribution ..
[stevieb]: ...from being a prereq

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (3)
As of 2017-06-25 23:36 GMT
Find Nodes?
    Voting Booth?
    How many monitors do you use while coding?

    Results (572 votes). Check out past polls.