{"id":16315198,"url":"https://github.com/robrwo/plack-middleware-blockheaderinjection","last_synced_at":"2025-07-24T15:16:56.041Z","repository":{"id":18156819,"uuid":"21253950","full_name":"robrwo/Plack-Middleware-BlockHeaderInjection","owner":"robrwo","description":"Plack middleware to block header injections","archived":false,"fork":false,"pushed_at":"2023-06-19T08:41:32.000Z","size":33,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-16T17:56:49.680Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/robrwo.png","metadata":{"files":{"readme":"README.md","changelog":"Changes","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-06-26T20:26:47.000Z","updated_at":"2023-06-15T22:31:23.000Z","dependencies_parsed_at":"2024-11-06T09:23:45.064Z","dependency_job_id":"1605d930-5144-414b-aa21-6e69a3d078ba","html_url":"https://github.com/robrwo/Plack-Middleware-BlockHeaderInjection","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robrwo%2FPlack-Middleware-BlockHeaderInjection","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robrwo%2FPlack-Middleware-BlockHeaderInjection/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robrwo%2FPlack-Middleware-BlockHeaderInjection/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robrwo%2FPlack-Middleware-BlockHeaderInjection/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/robrwo","download_url":"https://codeload.github.com/robrwo/Plack-Middleware-BlockHeaderInjection/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252566599,"owners_count":21769072,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-10T21:56:29.753Z","updated_at":"2025-05-05T19:52:47.702Z","avatar_url":"https://github.com/robrwo.png","language":"Perl","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NAME\n\nPlack::Middleware::BlockHeaderInjection - block header injections in responses\n\n# VERSION\n\nversion v1.1.1\n\n# SYNOPSIS\n\n```perl\nuse Plack::Builder;\n\nmy $app = ...\n\n$app = builder {\n  enable 'BlockHeaderInjection',\n    status =\u003e 500;\n  $app;\n};\n```\n\n# DESCRIPTION\n\nThis middleware will check responses for injected headers. If the\nheaders contain newlines, then the return code is set to `500` and\nthe offending header(s) are removed.\n\nA common source of header injections is when parameters are passed\nunchecked into a header (such as the redirection location).\n\nAn attacker can use injected headers to bypass system security, by\nforging a header used for security (such as a referrer or cookie).\n\n# ATTRIBUTES\n\n## \u0026lt;status\n\nThe status code to return if an invalid header is found. By default,\nthis is `500`.\n\n# SUPPORT FOR OLDER PERL VERSIONS\n\nSince v1.1.0, this module requires Perl v5.12 or later.\n\nFuture releases may only support Perl versions released in the last ten years.\n\nIf you need this module on Perl v5.8, please use one of the v1.0.x versions of this module.  Signficant bug or security\nfixes may be backported to those versions.\n\n# SEE ALSO\n\n[https://en.wikipedia.org/wiki/HTTP\\_header\\_injection](https://en.wikipedia.org/wiki/HTTP_header_injection)\n\n# SOURCE\n\nThe development version is on github at [https://github.com/robrwo/Plack-Middleware-BlockHeaderInjection](https://github.com/robrwo/Plack-Middleware-BlockHeaderInjection)\nand may be cloned from [git://github.com/robrwo/Plack-Middleware-BlockHeaderInjection.git](git://github.com/robrwo/Plack-Middleware-BlockHeaderInjection.git)\n\n# BUGS\n\nPlease report any bugs or feature requests on the bugtracker website\n[https://github.com/robrwo/Plack-Middleware-BlockHeaderInjection/issues](https://github.com/robrwo/Plack-Middleware-BlockHeaderInjection/issues)\n\nWhen submitting a bug or request, please include a test-file or a\npatch to an existing test-file that illustrates the bug or desired\nfeature.\n\n# AUTHOR\n\nRobert Rothenberg \u003crrwo@cpan.org\u003e\n\nThe initial development of this module was supported by\nFoxtons, Ltd [https://www.foxtons.co.uk](https://www.foxtons.co.uk).\n\n# COPYRIGHT AND LICENSE\n\nThis software is Copyright (c) 2014,2020,2023 by Robert Rothenberg.\n\nThis is free software, licensed under:\n\n```\nThe Artistic License 2.0 (GPL Compatible)\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobrwo%2Fplack-middleware-blockheaderinjection","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobrwo%2Fplack-middleware-blockheaderinjection","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobrwo%2Fplack-middleware-blockheaderinjection/lists"}