1 package Koha::Middleware::SetEnv;
3 # Copyright 2016 ByWater Solutions and the Koha Dev Team
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
22 use parent qw(Plack::Middleware);
28 Koha::Middleware::SetEnv - Plack middleware to allow SetEnv through proxied headers
34 enable "Koha::Middleware::SetEnv";
39 SetEnv MEMCACHED_NAMESPACE "localhost:11211"
40 RequestHeader add X-Koha-SetEnv "MEMCACHED_NAMESPACE localhost:11211"
44 This module adds a Plack middleware to convert C<X-Koha-SetEnv> request headers to actual
45 environment variables.
47 This is needed because Plackified Koha is currently connected to Apache via an HTTP proxy, and
48 C<SetEnv>s are not passed through. Koha uses SetEnvs to pass memcached settings and per-virtualhost
49 styles, search limits and syspref overrides.
53 Due to how HTTP headers are combined, if you want to set a value with an embedded comma, it must be
56 SetEnv OVERRIDE_SYSPREF_LibraryName "The Best, Truly the Best, Koha Library"
57 RequestHeader add X-Koha-SetEnv "OVERRIDE_SYSPREF_LibraryName The Best\, Truly the Best\, Koha Library"
61 This system was designed to use a single header for reasons of security. We have no way of knowing
62 whether a given request header was set by Apache or the original client, so we have to clear any
63 relevant headers before Apache starts adding them. This is only really practical for a single header
68 my $allowed_setenvs = qr/^(
71 OVERRIDE_SYSPREF_(\w+) |
72 OVERRIDE_SYSPREF_NAMES |
79 my ( $self, $env ) = @_;
80 my $req = Plack::Request->new($env);
82 # First, we split the result only on unescaped commas.
83 my @setenv_headers = split /(?<!\\),\s*/, $req->header('X-Koha-SetEnv') || '';
85 # Then, these need to be mapped to key-value pairs, and commas removed.
87 # The syntax of this is a bit awkward because you can't use return inside a map (it
88 # returns from the enclosing function).
89 if (!/$allowed_setenvs/) {
90 warn "Forbidden/incorrect X-Koha-SetEnv: $_";
94 my ( $key, $value ) = /(\w+) (.*)/;
101 # Finally, everything is shoved into the $env.
107 # We also add the MEMCACHED_ settings to the actual environment, to make sure any early
108 # initialization of Koha::Cache correctly sets up a memcached connection.
109 foreach my $special_var ( qw( MEMCACHED_SERVERS MEMCACHED_NAMESPACE ) ) {
110 $ENV{$special_var} = $setenvs{$special_var} if defined $setenvs{$special_var};
113 return $self->app->($env);
118 Jesse Weaver, E<lt>jweaver@bywatersolutions.comE<gt>