May 18th, 2005


Again, good for homeland security!

Remember my last post, making fun of homeland security mentions? How about this one....
Remote haptic interaction could allow people who are allergic to dogs and cats to caress their pets remotely. Used in zoos, it may allow visitors to pat a lion or scratch a bear. A security officer could remotely and silently signal a dog wearing a haptic suit, giving the animal instructions by simply touching it, which could be useful in rescue work or homeland security applications.
Ahh yeah. Remotely petting chickens and fighting the terrorists. All things connected.


This afternoon/evening I learned LWP inside and out, in order to make LWPx::ParanoidAgent, a subclass of LWP::UserAgent that protects you from evil. In particular:

-- won't connect to private, loopback, or multicast IPs, including on redirects

-- configurable blacklist of hostnames or hostname regexps

-- avoids a malicious/accidental tarpitting webserver, sending 1 byte per 9 seconds, to avoid LWP::UserAgent's timeout parameter if you set it at, say, 10 seconds. (my ParanoidAgent has a global timeout, including across all redirects)

I had to end up forking LWP::Protocol::http since there's pretty much just one huge function in it, and I had to change it. So LWPx::ParanoidAgent is subclassed, and it allows only two schemes, http and https, which map to protocols LWPx::Protocol::http_timelimit and https_timelimit. (https code is like 20 lines, just calling the http code after a different socket is made) Proxy support is explicitly removed, telling you to do your paranoia on your proxy if you want to use a proxy.

This will be released on CPAN at about the same time as OpenID::Consumer, which lets you specify your own LWP::UserAgent subclass. Currently LiveJournal uses a version of this called, but it has-a LWP::UserAgent in it, and it's not a sub-class, so it's annoying to use since it doesn't always work everywhere. And it uses alarm(), which just always sucks, and isn't portable. ParanoidAgent just tracks the time remaining and sets the select timeouts accordingly.

I had to end up writing a little httpd (just run from xinetd to make it easy) that lets me specify redirects and timeouts from the URL.
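The difference between a per-read timeout and one overall time budget, as an added example that is not code from LWPx::ParanoidAgent or from this post. The names slurp and tarpit are hypothetical, the tarpit is a constructed local socketpair rather than a web server, and the timings are scaled down (0.2s between bytes against a 0.5s per-read timeout).

```perl
use strict;
use warnings;
use IO::Select;
use Socket;
use Time::HiRes qw(time sleep);

# Read until EOF. $idle is the usual per-read timeout. $budget, if defined,
# is a total limit enforced by shrinking each select timeout to what is left.
sub slurp {
    my ($sock, $idle, $budget) = @_;
    my $deadline = defined $budget ? time() + $budget : undef;
    my $sel  = IO::Select->new($sock);
    my $data = '';
    while (1) {
        my $wait = $idle;
        if (defined $deadline) {
            my $left = $deadline - time();
            return ('deadline', $data) if $left <= 0;
            $wait = $left if $left < $wait;   # never wait past the deadline
        }
        my @ready = $sel->can_read($wait);
        return ('idle-timeout', $data) unless @ready;
        my $n = sysread($sock, my $buf, 4096);
        return ('error', $data) unless defined $n;
        return ('eof', $data) if $n == 0;
        $data .= $buf;
    }
}

# Constructed tarpit: a child process writes 10 bytes, one every 0.2s, so
# each byte arrives before the 0.5s per-read timeout can fire.
sub tarpit {
    socketpair(my $r, my $w, AF_UNIX, SOCK_STREAM, PF_UNSPEC) or die "socketpair: $!";
    defined(my $pid = fork()) or die "fork: $!";
    if ($pid == 0) {
        close $r;
        for (1 .. 10) { syswrite($w, 'x'); sleep 0.2 }
        exit 0;
    }
    close $w;
    return ($r, $pid);
}

# Same peer, same per-read timeout: first without a budget, then with 0.7s.
for my $budget (undef, 0.7) {
    my ($sock, $pid) = tarpit();
    my $t0 = time();
    my ($why, $data) = slurp($sock, 0.5, $budget);
    printf "budget=%s -> %s after %.1fs, %d bytes\n", $budget // 'none', $why, time() - $t0, length $data;
    close $sock; kill 'TERM', $pid; waitpid $pid, 0;
}
```

Without a budget the read only ends when the peer decides to close; with one, it ends at the deadline no matter how regularly bytes keep arriving.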

The test suite was fun:
