Edit HTTP response headers

------=_Part_7974_17139320.1208809822453
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

I wrote a simple module that parses the HTTP response body and updates
certain text. I want the script to be able to parse and manipulate the HTTP
response headers as well. For example add secure and HttpOnly flags to
certain cookies, or add a redirection when a 500 error code is returned. The
code I have so far is:

============================================================ ==========================
package TE::ST;
# $Header:$
use strict;
use warnings;

use Apache2::Filter ();
use Apache2::RequestRec ();
use APR::Table ();

use Apache2::Const -compile => qw(OK);

use constant BUFF_LEN => 1024;
no warnings qw(redefine);

sub handler {
my $f = shift;

while ($f->read(my $buffer, BUFF_LEN)) {
# Disable autocomplete
$buffer =~ s/login method="post"/login method="post"
autocomplete="off" /g;

$f->print($buffer);
}

return Apache2::Const::OK;
}
1;
============================================================ ==========================

when using f->read it appears as though the HTTP headers are not including.
I know err_headers_out should have access to the headers, but is there a way
to force f->read to access the HTTP headers as well? I've seen the set and
add methods for err_headers_out, but can someone point me to a code example
of either editing the HTTP headers or rewriting the server response when
certain response codes are received?

Thanks.

------=_Part_7974_17139320.1208809822453
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

I wrote a simple module that parses the HTTP response body and updates certain text. I want the script to be able to parse and manipulate the HTTP response headers as well. For example add secure and HttpOnly flags to certain cookies, or add a redirection when a 500 error code is returned. The code I have so far is:


============================================================ ==========================
package TE::ST;
# $Header:$
use strict;
use warnings;

use Apache2::Filter ();
use Apache2::RequestRec ();

use APR::Table ();

use Apache2::Const -compile => qw(OK);

use constant BUFF_LEN => 1024;
no warnings qw(redefine);

sub handler {
    my $f = shift;
   
    while ($f->read(my $buffer, BUFF_LEN)) {

        # Disable autocomplete
        $buffer =~ s/login method="post"/login method="post" autocomplete="off" /g;

        $f->print($buffer);
    }

    return Apache2::Const::OK;

}
1;
============================================================ ==========================

when using f->read it appears as though the HTTP headers are not including. I know err_headers_out should have access to the headers, but is there a way to force f->read to access the HTTP headers as well? I've seen the set and add methods for err_headers_out, but can someone point me to a code example of either editing the HTTP headers or rewriting the server response when certain response codes are received?


Thanks.


------=_Part_7974_17139320.1208809822453--

Re: Edit HTTP response headers

On Mon, Apr 21, 2008 at 4:30 PM, J Amuse wrote:
> when using f->read it appears as though the HTTP headers are not including.
> I know err_headers_out should have access to the headers, but is there a way
> to force f->read to access the HTTP headers as well?

No, the headers are not part of the response body.

> I've seen the set and
> add methods for err_headers_out, but can someone point me to a code example
> of either editing the HTTP headers or rewriting the server response when
> certain response codes are received?

http://perl.apache.org/docs/2.0/user/coding/coding.html#Gene rating_HTTP_Response_Headers
http://perl.apache.org/docs/2.0/user/handlers/filters.html#I ntroducing_Filters

- Perrin

Re: Edit HTTP response headers

On Mon 21 Apr 2008, J Amuse wrote:
> I wrote a simple module that parses the HTTP response body and updates
> certain text. I want the script to be able to parse and manipulate the HTTP
> response headers as well. For example add secure and HttpOnly flags to
> certain cookies, or add a redirection when a 500 error code is returned.

You can modify outgoing headers up to the time they are sent. So, at the very
first call to your filter you can modify the status code as well as outgoing
headers. See Apache2::POST200 on CPAN.

Torsten

--
Need professional mod_perl support?
Just hire me: torsten.foertsch@gmx.net

Re: Edit HTTP response headers

------=_Part_6446_6455783.1209302283124
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Wed, Apr 23, 2008 at 5:28 PM, Perrin Harkins wrote:

> On Mon, Apr 21, 2008 at 4:30 PM, J Amuse wrote:
>
>
> http://perl.apache.org/docs/2.0/user/coding/coding.html#Gene rating_HTTP_Response_Headers
>


Thanks Perrin.
This link references the set method, which will overwrite the header value.
I want to append text (i.e. append a secure and httponly flag if there is a
Set-Cookie header in the HTTP response). Is this possible with the overlay
method? How can I extract the contents of the Set-Cookie header to modify
it?

Jay

------=_Part_6446_6455783.1209302283124
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Wed, Apr 23, 2008 at 5:28 PM, Perrin Harkins <> wrote:

Re: Edit HTTP response headers

On Sun, Apr 27, 2008 at 9:18 AM, J Amuse wrote:
> This link references the set method, which will overwrite the header value.
> I want to append text (i.e. append a secure and httponly flag if there is a
> Set-Cookie header in the HTTP response). Is this possible with the overlay
> method? How can I extract the contents of the Set-Cookie header to modify
> it?

You can read the headers with $r->headers_out->get(). When you call
$r->headers_out() it gives you an APR::Table object which you can read
and write as much as you like:
http://perl.apache.org/docs/2.0/api/APR/Table.html

- Perrin

Re: Edit HTTP response headers

------=_Part_8836_3293175.1209375233106
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Wed, Apr 23, 2008 at 5:28 PM, Perrin Harkins wrote:

> On Mon, Apr 21, 2008 at 4:30 PM, J Amuse wrote:
> >
> >
> > http://perl.apache.org/docs/2.0/user/coding/coding.html#Gene rating_HTTP_Response_Headers
> >
> >
>
> Thanks Perrin.
> This link references the set method, which will overwrite the header
> value. I want to append text (i.e. append a secure and httponly flag if
> there is a Set-Cookie header in the HTTP response). Is this possible with
> the overlay method? How can I extract the contents of the Set-Cookie header
> to modify it?
>
>
For future reference, I was able to manipulate the HTTP headers via the
following code snippet:

sub handler
{
my $f = shift;

unless ($f->ctx)
{
my $SecureFlags = "\; secure\; HttpOnly\;";
my $Cookie = $f->r->headers_out->get("Set-Cookie");

if ($Cookie)
{
$Cookie .= $SecureFlags;
$f->r->headers_out->set("Set-Cookie" => "$Cookie");
}
$f->ctx(1);
}
}

Thanks again to Perrin for all his help.

------=_Part_8836_3293175.1209375233106
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Wed, Apr 23, 2008 at 5:28 PM, Perrin Harkins <> wrote: