|
|
T-002: Vulnerability in Host INtegration Server RPC Service
|
|
JSON::RPC::Server(3pm) User Contributed Perl Documentation JSON::RPC::Server(3pm) NAME
JSON::RPC::Server - Perl implementation of JSON-RPC sever SYNOPSIS
# CGI version use JSON::RPC::Server::CGI; my $server = JSON::RPC::Server::CGI->new; $server->dispatch_to('MyApp')->handle(); # Apache version # In apache conf PerlRequire /your/path/start.pl PerlModule MyApp <Location /jsonrpc/API> SetHandler perl-script PerlResponseHandler JSON::RPC::Server::Apache PerlSetVar dispatch "MyApp" PerlSetVar return_die_message 0 </Location> # Daemon version use JSON::RPC::Server::Daemon; JSON::RPC::Server::Daemon->new(LocalPort => 8080); ->dispatch({'/jsonrpc/API' => 'MyApp'}) ->handle(); # FastCGI version use JSON::RPC::Server::FastCGI; my $server = JSON::RPC::Server::FastCGI->new; $server->dispatch_to('MyApp')->handle(); DESCRIPTION
Gets a client request. Parses its JSON data. Passes the server object and the object decoded from the JSON data to your procedure (method). Takes your returned value (scalar or arrayref or hashref). Sends a response. Well, you write your procedure code only. METHODS
new Creates new JSON::RPC::Server object. dispatch($package) dispatch([$package1, $package1, ...]) dispatch({$path => $package, ...}) Sets your procedure module using package name list or arrayref or hashref. Hashref version is used for path_info access. dispatch_to An alias to "dispatch". handle Runs server object and returns a response. raise_error(%hash) return $server->raise_error( code => 501, message => "This is error in my procedure." ); Sets an error. An error code number in your procedure is an integer between 501 and 899. json Setter/Getter to json encoder/decoder object. The default value is JSON object in the below way: JSON->new->utf8 In your procedure, changes its behaviour. $server->json->utf8(0); The JSON coder creating method is "create_json_coder". version Setter/Getter to JSON-RPC protocol version used by a client. If version is 1.1, returns 1.1. Otherwise returns 0. charset Setter/Getter to cahrset. Default is 'UTF-8'. content_type Setter/Getter to content type. Default is 'application/json'. return_die_message When your program dies in your procedure, sends a return object with errror message 'Procedure error' by default. If this option is set, uses "die" message. sub your_procedure { my ($s) = @_; $s->return_die_message(1); die "This is test."; } retrieve_json_from_post It is used by JSON::RPC::Server subclass. retrieve_json_from_get In the protocol v1.1, 'GET' request method is also allowable. It is used by JSON::RPC::Server subclass. response It is used by JSON::RPC::Server subclass. request Returns HTTP::Request object. path_info Returns PATH_INFO. max_length Returns max content-length to your application. translate_error_message Implemented in your subclass. Three arguments (server object, error code and error message) are passed. It must return a message. sub translate_error_message { my ($s, $code, $message) = @_; return $translation_jp_message{$code}; } create_json_coder (Class method) Returns a JSON de/encoder in "new". You can override it to use your favorite JSON de/encode. RESERVED PROCEDURE
When a client call a procedure (method) name 'system.foobar', JSON::RPC::Server look up MyApp::system::foobar. <http://json-rpc.org/wd/JSON-RPC-1-1-WD-20060807.html#ProcedureCall> <http://json-rpc.org/wd/JSON-RPC-1-1-WD-20060807.html#ServiceDescription> There is JSON::RPC::Server::system::describe for default response of 'system.describe'. SEE ALSO
JSON <http://json-rpc.org/wd/JSON-RPC-1-1-WD-20060807.html> <http://json-rpc.org/wiki/specification> AUTHOR
Makamaka Hannyaharamitu, <makamaka[at]cpan.org> COPYRIGHT AND LICENSE
Copyright 2007-2008 by Makamaka Hannyaharamitu This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. perl v5.10.1 2008-09-01 JSON::RPC::Server(3pm)
