Security Advisories (3)

CPANSA-libwww-perl-2017-01 (2017-11-06)

LWP::Protocol::file can open existent file from file:// scheme. However, current version of LWP uses open FILEHANDLE,EXPR and it has ability to execute arbitrary command

https://github.com/libwww-perl/libwww-perl/pull/270

CVE-2011-0633 (2011-01-20)

The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated.

CVE-2026-8368 (2026-05-12)

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are sent unchanged to the redirect target, including across scheme, host, or port changes. A redirect to an attacker controlled host therefore discloses the caller's credentials to that host.

NAME

HTTP::Cookies::Microsoft - access to Microsoft cookies files

SYNOPSIS

use LWP;
use HTTP::Cookies::Microsoft;
use Win32::TieRegistry(Delimiter => "/");
my $cookies_dir = $Registry->
     {"CUser/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders/Cookies"};

$cookie_jar = HTTP::Cookies::Microsoft->new(
                  file     => "$cookies_dir\\index.dat",
                  'delayload' => 1,
              );
my $browser = LWP::UserAgent->new;
$browser->cookie_jar( $cookie_jar );

DESCRIPTION

This is a subclass of HTTP::Cookies which loads Microsoft Internet Explorer 5.x and 6.x for Windows (MSIE) cookie files.

See the documentation for HTTP::Cookies.

METHODS

The following methods are provided:

$cookie_jar = HTTP::Cookies::Microsoft->new;

The constructor takes hash style parameters. In addition to the regular HTTP::Cookies parameters, HTTP::Cookies::Microsoft recognizes the following:

delayload:       delay loading of cookie data until a request
                 is actually made. This results in faster
                 runtime unless you use most of the cookies
                 since only the domain's cookie data
                 is loaded on demand.

CAVEATS

Please note that the code DOESN'T support saving to the MSIE cookie file format.

AUTHOR

Johnny Lee <typo_pl@hotmail.com>

COPYRIGHT

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

To install LWP, copy and paste the appropriate command in to your terminal.

cpanm

cpanm LWP

CPAN shell

perl -MCPAN -e shell
install LWP

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)