| line | % | coverage | condition |
|---|
| 155 | 100 | | Params::Get::get_params(undef, @_) || {} |
| 175 | 20 | | A | B | C | D | dec |
|---|
| 0 | X | X | X | 0 | | 1 | 0 | X | X | 0 | | 1 | 1 | 0 | X | 0 | | 1 | 1 | 1 | 0 | 0 | | 1 | 1 | 1 | 1 | 1 |
| &Scalar::Util::blessed($$params{"logger"}) and $$params{"logger"}->can("warn") and $$params{"logger"}->can("info") and $$params{"logger"}->can("error") |
| 234 | 0 | | require File::Basename and "File::Basename"->import |
| 237 | 67 | | $self->_get_env("SCRIPT_NAME") // $0 |
| 254 | 100 | | "File::Spec"->file_name_is_absolute($script_name) and -r $script_name |
| 380 | 67 | | $$self{"site"} and $$self{"cgi_site"} |
| 383 | 67 | | $ENV{'HTTP_HOST'} || $ENV{'SERVER_NAME'} || $ENV{'SSL_TLS_SNI'} |
| 392 | 60 | | A | B | C | D | dec |
|---|
| 0 | X | X | X | 0 | | 1 | 0 | X | X | 0 | | 1 | 1 | 0 | X | 0 | | 1 | 1 | 1 | 0 | 0 | | 1 | 1 | 1 | 1 | 1 |
| $ENV{"SERVER_NAME"} and $host eq $ENV{"SERVER_NAME"} and my $protocol = $self->protocol and $self->protocol ne "http" |
| 404 | 33 | | $$self{"site"} ||= $$self{"cgi_site"} |
| 407 | 100 | | $self->protocol || 'http' |
| 410 | 33 | | $$self{"site"} and $$self{"cgi_site"} |
| 620 | 50 | | defined $$self{"paramref"} and !defined($$params{'allow'}) || defined $$self{'allow'} && $$params{'allow'} eq $$self{'allow'} |
| 647 | 100 | | $ENV{"REQUEST_METHOD"} eq "GET" or $ENV{"REQUEST_METHOD"} eq "HEAD" |
| 67 | | $ENV{'GATEWAY_INTERFACE'} && $ENV{'REQUEST_METHOD'} |
| 651 | 0 | | IO::Interactive::is_interactive() and not $$self{"args_read"} |
| 690 | 67 | | defined $content_type and $content_type =~ m[multipart/form-data]i |
| 700 | 67 | | not defined $content_length or $content_length =~ /\D/ |
| 704 | 67 | | $$self{"max_upload_size"} >= 0 and $content_length > $$self{"max_upload_size"} |
| 712 | 100 | | not defined $content_type or $content_type =~ m[application/x-www-form-urlencoded] |
| 800 | 33 | | require JSON::MaybeXS and "JSON::MaybeXS"->import |
| 937 | 100 | | not defined $ENV{"REQUEST_METHOD"} or $ENV{"REQUEST_METHOD"} eq "GET" |
| 941 | 36 | | A | B | C | D | E | F | G | H | I | J | dec |
|---|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | X | 1 | | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | X | X | 1 | | 0 | 0 | 0 | 0 | 0 | 0 | 1 | X | X | X | 1 | | 0 | 0 | 0 | 0 | 0 | 1 | X | X | X | X | 1 | | 0 | 0 | 0 | 0 | 1 | X | X | X | X | X | 1 | | 0 | 0 | 0 | 1 | X | X | X | X | X | X | 1 | | 0 | 0 | 1 | X | X | X | X | X | X | X | 1 | | 0 | 1 | X | X | X | X | X | X | X | X | 1 | | 1 | X | X | X | X | X | X | X | X | X | 1 |
| $value =~ /(\%27)|(\')|(\%23)|(\#)/xi or $value =~ /((\%3D)|(=))[^\n]*((\%27)|(\')|(\-\-)|(\%3B)|(;))/i or $value =~ /\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))\s*(OR|AND|UNION|SELECT|--)/xi or $value =~ /((\%27)|(\'))union/xi or $value =~ /select[[a-z]\s\*]from/xi or $value =~ /\sAND\s1=1/xi or $value =~ /\sOR\s.+\sAND\s/ or $value =~ m[/\*\*/ORDER/\*\*/BY/\*\*]xi or $value =~ m[/AND/.+\(SELECT/] or $value =~ /exec(\s|\+)+(s|x)p\w+/xi |
| 960 | 0 | | A | B | C | D | E | F | G | dec |
|---|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | | 0 | 0 | 0 | 0 | 0 | 1 | X | 1 | | 0 | 0 | 0 | 0 | 1 | X | X | 1 | | 0 | 0 | 0 | 1 | X | X | X | 1 | | 0 | 0 | 1 | X | X | X | X | 1 | | 0 | 1 | X | X | X | X | X | 1 | | 1 | X | X | X | X | X | X | 1 |
| $agent =~ /SELECT.+AND.+/ or $agent =~ /ORDER BY / or $agent =~ / OR NOT / or $agent =~ / AND \d+=\d+/ or $agent =~ /THEN.+ELSE.+END/ or $agent =~ /.+AND.+SELECT.+/ or $agent =~ /\sAND\s.+\sAND\s/ |
| 970 | 40 | | A | B | C | D | dec |
|---|
| 0 | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 1 | 1 | | 0 | 0 | 1 | X | 1 | | 0 | 1 | X | X | 1 | | 1 | X | X | X | 1 |
| $value =~ m[((\%3C)|<)((\%2F)|/)*[a-z0-9\%]+((\%3E)|>)]xi or $value =~ /((\%3C)|<)[^\n]+((\%3E)|>)/i or $orig_value =~ m[((\%3C)|<)((\%2F)|/)*[a-z0-9\%]+((\%3E)|>)]xi or $orig_value =~ /((\%3C)|<)[^\n]+((\%3E)|>)/i |
| 991 | 100 | | $FORM{$key} and $FORM{$key} ne $value |
| 1046 | 100 | | $$self{"allow"} and not exists $$self{"allow"}{$field} |
| 1055 | 67 | | $$self{"in_param"} and $$self{"allow"} |
| 1252 | 67 | | $agent =~ m[(android|bb\d+|meego).+mobile|avantgo|bada/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino]i or substr($ENV{"HTTP_USER_AGENT"}, 0, 4) =~ m[1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-]i |
| 1259 | 67 | | defined $remote and $$self{"cache"} |
| 1275 | 67 | | defined $device && $device =~ /blackberry|webos|iphone|ipod|ipad|android/i |
| 1276 | 50 | | $is_mobile and $$self{"cache"} and defined $remote |
| 1299 | 100 | | $ENV{"HTTP_USER_AGENT"} and $ENV{"HTTP_USER_AGENT"} =~ /.+(iPad|TabletPC).+/ |
| 1324 | 100 | | $self->params || (return '') |
| 1359 | 100 | | $ENV{"SCRIPT_URI"} and $ENV{"SCRIPT_URI"} =~ m[^(.+)://.+] |
| 1362 | 100 | | $ENV{"SERVER_PROTOCOL"} and $ENV{"SERVER_PROTOCOL"} =~ m[^HTTP/] |
| 1431 | 100 | | $ENV{"C_DOCUMENT_ROOT"} and -d $ENV{"C_DOCUMENT_ROOT"} |
| 1433 | 67 | | -d $dir and -w $dir |
| 1437 | 33 | | -d $dir and -w $dir |
| 1441 | 100 | | $ENV{"DOCUMENT_ROOT"} and -d $ENV{"DOCUMENT_ROOT"} |
| 1443 | 33 | | -d $dir and -w $dir |
| 1465 | 100 | | $ENV{"DOCUMENT_ROOT"} and -d $ENV{"DOCUMENT_ROOT"} |
| 100 | | $ENV{"C_DOCUMENT_ROOT"} and -d $ENV{"C_DOCUMENT_ROOT"} |
| 1500 | 100 | | $_[0] and ref $_[0] |
| 1516 | 67 | | $_[0] and ref $_[0] |
| 1539 | 50 | | length $dir and -d $dir and -w $dir |
| 1547 | 60 | | A | B | C | D | dec |
|---|
| 0 | X | X | X | 0 | | 1 | 0 | X | X | 0 | | 1 | 1 | 0 | X | 0 | | 1 | 1 | 1 | 0 | 0 | | 1 | 1 | 1 | 1 | 1 |
| defined $rc and length $rc and -d $rc and -w $rc |
| 1552 | 33 | | not defined $dir or length $dir == 0 |
| 1553 | 67 | | $$self{"logdir"} ||= $dir |
| 1585 | 100 | | $remote and $agent |
| 1591 | 25 | | A | B | C | D | E | F | G | dec |
|---|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | | 0 | 0 | 0 | 0 | 0 | 1 | X | 1 | | 0 | 0 | 0 | 0 | 1 | X | X | 1 | | 0 | 0 | 0 | 1 | X | X | X | 1 | | 0 | 0 | 1 | X | X | X | X | 1 | | 0 | 1 | X | X | X | X | X | 1 | | 1 | X | X | X | X | X | X | 1 |
| $agent =~ /SELECT.+AND.+/ or $agent =~ /ORDER BY / or $agent =~ / OR NOT / or $agent =~ / AND \d+=\d+/ or $agent =~ /THEN.+ELSE.+END/ or $agent =~ /.+AND.+SELECT.+/ or $agent =~ /\sAND\s.+\sAND\s/ |
| 1654 | 67 | | $referrer =~ /\)/ or &List::Util::any(sub {
$_ =~ /^$referrer/;
}
, @crawler_lists) |
| 1665 | 33 | | defined $remote and $$self{"cache"} |
| 1692 | 67 | | defined $is_robot && $is_robot |
| 1740 | 100 | | $remote and $agent |
| 1749 | 0 | | defined $remote and $$self{"cache"} |
| 1773 | 67 | | $browser->google || $browser->msn || $browser->baidu || $browser->altavista || $browser->yahoo || $browser->bingbot |
| 1775 | 50 | | $agent =~ m[SeznamBot/] or $agent =~ m[Google-InspectionTool/] or $agent =~ m[Googlebot/] |
| 1781 | 67 | | $is_search and $$self{"cache"} |
| 1788 | 0 | | gethostbyaddr(inet_aton($remote), 2) || $remote |
| 1792 | 0 | | A | B | C | D | dec |
|---|
| 0 | X | X | 0 | 0 | | 0 | X | X | 1 | 1 | | 1 | 0 | X | 0 | 0 | | 1 | 0 | X | 1 | 1 | | 1 | 1 | 0 | 0 | 0 | | 1 | 1 | 0 | 1 | 1 | | 1 | 1 | 1 | X | 1 |
| defined $hostname and $hostname =~ /google|msnbot|bingbot|amazonbot|GPTBot/ and not $hostname =~ /^google-proxy/ or Net::CIDR::cidrlookup($remote, @cidr_blocks) |
| 1936 | 100 | | $method and $method eq 'OPTIONS' || $method eq 'DELETE' |
| 1937 | 100 | | $method and ($method eq "POST" and not defined $ENV{"CONTENT_LENGTH"}) |
| 100 | | $method eq "POST" and not defined $ENV{"CONTENT_LENGTH"} |
| 1943 | 50 | | $$self{'status'} || 200 |
| 2042 | 33 | | scalar @messages and my $logger = $$self{"logger"} |
| 2129 | 67 | | exists $self->{'auto_load'} and &boolean($$self{"auto_load"})->isFalse |
| 2132 | 33 | | ref $self eq __PACKAGE__ or UNIVERSAL::isa((&CORE::GLOBAL::caller())[0], __PACKAGE__) |