debian/0000755000000000000000000000000011766447512007203 5ustar debian/rules0000755000000000000000000000003611766447512010262 0ustar #!/usr/bin/make -f %: dh $@ debian/control0000644000000000000000000000534011766447512010610 0ustar Source: libcgi-application-plugin-ratelimit-perl Section: perl Priority: optional Maintainer: Debian Perl Group Uploaders: Nicholas Bamber , Jaldhar H. Vyas Build-Depends: debhelper (>= 8) Build-Depends-Indep: perl, libcgi-application-perl, libclass-accessor-perl, libdbi-perl, libdbd-sqlite3-perl Standards-Version: 3.9.3 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libcgi-application-plugin-ratelimit-perl.git Vcs-Git: git://git.debian.org/pkg-perl/packages/libcgi-application-plugin-ratelimit-perl.git Homepage: http://search.cpan.org/dist/CGI-Application-Plugin-RateLimit/ Package: libcgi-application-plugin-ratelimit-perl Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, libcgi-application-perl, libclass-accessor-perl Breaks: libcgi-application-extra-plugin-bundle-perl (<< 0.5) Replaces: libcgi-application-extra-plugin-bundle-perl (<< 0.5) Enhances: libcgi-application-perl Recommends: libcgi-application-plugin-dbh-perl Description: Perl module for limiting the runmode call rate per user CGI::Application::Plugin::RateLimit provides protection against a user calling a runmode too frequently. A typical use-case might be a contact form that sends email. You'd like to allow your users to send you messages, but thousands of messages from a single user would be a problem. . This module works by maintaining a database of hits to protected runmodes. It then checks this database to determine if a new hit should be allowed based on past activity by the user. The user's identity is, by default, tied to login (via REMOTE_USER) or IP address (via REMOTE_IP) if login info is not available. You may provide your own identity function via the identity_callback() method. . To use this module you must create a table in your database with the following schema (using MySQL-syntax, although other DBs may work as well with minor alterations): . CREATE TABLE rate_limit_hits ( user_id VARCHAR(255) NOT NULL, action VARCHAR(255) NOT NULL, timestamp UNSIGNED INTEGER NOT NULL, INDEX (user_id, action, timestamp) ); . You may feel free to vary the storage-type and size of user_id and action to match your usage. For example, if your identity_callback() always returns an integer you could make user_id an integer column. . This table should be periodically cleared of old data. Anything older than the maximum timeframe being used can be safely deleted. . IMPORTANT NOTE: The protection offered by this module is not perfect. Identifying a user on the internet is very hard and a sophisticated attacker can work around these checks, by switching IPs or automating login creation. debian/source/0000755000000000000000000000000011766447512010503 5ustar debian/source/format0000644000000000000000000000001411766447512011711 0ustar 3.0 (quilt) debian/changelog0000644000000000000000000000126311766447512011057 0ustar libcgi-application-plugin-ratelimit-perl (1.0-2) unstable; urgency=low * Team upload. * Add short description and improve long description. Thanks to Frederik Schwarzer for the bug report and the proposed patch. (Closes: #677495) * debian/copyright: update to Copyright-Format 1.0. * Bump Standards-Version to 3.9.3 (no changes). * Remove unused lintian override. -- gregor herrmann Thu, 14 Jun 2012 22:53:18 +0200 libcgi-application-plugin-ratelimit-perl (1.0-1) unstable; urgency=low * Split off from libcgi-application-extra-plugin-bundle-perl (Closes: #647863). -- Nicholas Bamber Fri, 11 Nov 2011 21:04:24 +0000 debian/compat0000644000000000000000000000000211766447512010401 0ustar 8 debian/copyright0000644000000000000000000000211011766447512011130 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: CGI-Application-Plugin-RateLimit Upstream-Contact: Sam Tregar Source: http://search.cpan.org/dist/CGI-Application-Plugin-RateLimit/ Files: * Copyright: 2006, Sam Tregar License: Artistic or GPL-1+ Files: debian/* Copyright: 2011, Nicholas Bamber License: Artistic or GPL-1+ License: Artistic This program is free software; you can redistribute it and/or modify it under the terms of the Artistic License, which comes with Perl. . On Debian systems, the complete text of the Artistic License can be found in `/usr/share/common-licenses/Artistic'. License: GPL-1+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. . On Debian systems, the complete text of version 1 of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-1'. debian/watch0000644000000000000000000000023511766447512010234 0ustar version=3 http://search.cpan.org/dist/CGI-Application-Plugin-RateLimit/ .*/CGI-Application-Plugin-RateLimit-v?(\d[\d.-]+)\.(?:tar(?:\.gz|\.bz2)?|tgz|zip)$