This file is indexed.

/usr/share/perl5/Dancer/Config.pm is in libdancer-perl 1.3091+dfsg-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
package Dancer::Config;

use strict;
use warnings;
use base 'Exporter';
use vars '@EXPORT_OK';

use Dancer::Deprecation;
use Dancer::Template;
use Dancer::ModuleLoader;
use Dancer::FileUtils 'path';
use Carp;
use Dancer::Exception qw(:all);

use Encode;

@EXPORT_OK = qw(setting);

my $SETTINGS = {};

# mergeable settings
my %MERGEABLE = map { ($_ => 1) } qw( plugins handlers );
my %_LOADED;

sub settings {$SETTINGS}

my $setters = {
    logger => sub {
        my ($setting, $value) = @_;
        Dancer::Logger->init($value, settings());
    },
    log_file => sub {
        Dancer::Logger->init(setting("logger"), setting());
    },
    session => sub {
        my ($setting, $value) = @_;
        Dancer::Session->init($value, settings());
    },
    template => sub {
        my ($setting, $value) = @_;
        Dancer::Template->init($value, settings());
    },
    route_cache => sub {
        my ($setting, $value) = @_;
        require Dancer::Route::Cache;
        Dancer::Route::Cache->reset();
    },
    serializer => sub {
        my ($setting, $value) = @_;
        require Dancer::Serializer;
        Dancer::Serializer->init($value);
    },
    import_warnings => sub {
        my ($setting, $value) = @_;
        $^W = $value ? 1 : 0;
    },
    auto_page => sub {
        my ($setting, $auto_page) = @_;
        if ($auto_page) {
            require Dancer::App;
            Dancer::App->current->registry->universal_add(
                'get', '/:page',
                sub {
                    my $params = Dancer::SharedData->request->params;
                    if  (-f Dancer::engine('template')->view($params->{page})) {
                        return Dancer::template($params->{'page'});
                    } else {
                        return Dancer::pass();
                    }
                }
            );
        }
    },
    traces => sub {
        my ($setting, $traces) = @_;
        $Dancer::Exception::Verbose = $traces ? 1 : 0;
    },
};
$setters->{log_path} = $setters->{log_file};

my $normalizers = {
    charset => sub {
        my ($setting, $charset) = @_;
        length($charset || '')
          or return $charset;
        my $encoding = Encode::find_encoding($charset);
        defined $encoding
          or raise core_config => "Charset defined in configuration is wrong : couldn't identify '$charset'";
        my $name = $encoding->name;
        # Perl makes a distinction between the usual perl utf8, and the strict
        # utf8 charset. But we don't want to make this distinction
        $name eq 'utf-8-strict'
          and $name = 'utf-8';
        return $name;
    },
};

sub normalize_setting {
    my ($class, $setting, $value) = @_;

    $value = $normalizers->{$setting}->($setting, $value)
      if exists $normalizers->{$setting};

    return $value;
}

# public accessor for get/set
sub setting {
    if (@_ == 1) {
        return _get_setting(shift @_);
    }
    else {
        # can be useful for debug! Use Logger, instead?
        die "Odd number in 'set' assignment" unless scalar @_ % 2 == 0;

        my $count = 0;
        while (@_) {
            my $setting = shift;
            my $value   = shift;

            _set_setting  ($setting, $value);

            # At the moment, with any kind of hierarchical setter,
            # there is no case where the same trigger will be run more
            # than once. If/when a hierarchical setter is implemented,
            # we should create a list of the hooks that should be run,
            # and run them at the end of this while, only (efficiency
            # purposes).
            _trigger_hooks($setting, $value);
            $count++
        }
        return $count; # just to return anything, the number of items set.
    }
}

sub _trigger_hooks {
    my ($setting, $value) = @_;

    $setters->{$setting}->(@_) if defined $setters->{$setting};
}

sub _set_setting {
    my ($setting, $value) = @_;

    return unless @_ == 2;

    # normalize the value if needed
    $value = Dancer::Config->normalize_setting($setting, $value);
    $SETTINGS->{$setting} = $value;
    return $value;
}

sub _get_setting {
    my $setting = shift;

    return $SETTINGS->{$setting};
}

sub conffile { path(setting('confdir') || setting('appdir'), 'config.yml') }

sub environment_file {
    my $env = setting('environment');
    return path(setting('appdir'), 'environments', "$env.yml");
}

sub init_confdir {
    return setting('confdir') if setting('confdir');
    setting confdir => $ENV{DANCER_CONFDIR} || setting('appdir');
}

sub load {
    init_confdir();

    # look for the conffile
    return 1 unless -f conffile;

    # load YAML
    confess "Configuration file found but YAML is not installed"
      unless Dancer::ModuleLoader->load('YAML');

    if (!$_LOADED{conffile()}) {
        load_settings_from_yaml(conffile);
        $_LOADED{conffile()}++;
    }

    my $env = environment_file;
    if (-f $env && !$_LOADED{$env}) {
        load_settings_from_yaml($env);
        $_LOADED{$env}++;
    }

    foreach my $key (grep { $setters->{$_} } keys %$SETTINGS) {
        $setters->{$key}->($key, $SETTINGS->{$key});
    }

    return 1;
}

sub load_settings_from_yaml {
    my ($file) = @_;

    my $config;

    eval { $config = YAML::LoadFile($file) };
    if (my $err = $@ || (!$config)) {
        confess "Unable to parse the configuration file: $file: $@";
    }

    for my $key (keys %{$config}) {
        if ($MERGEABLE{$key}) {
            my $setting = setting($key);
            $setting->{$_} = $config->{$key}{$_} for keys %{$config->{$key}};
        }
        else {
            _set_setting($key, $config->{$key});
        }
    }

    return scalar(keys %$config);
}

sub load_default_settings {
    $SETTINGS->{server}        ||= $ENV{DANCER_SERVER}        || '0.0.0.0';
    $SETTINGS->{port}          ||= $ENV{DANCER_PORT}          || '3000';
    $SETTINGS->{content_type}  ||= $ENV{DANCER_CONTENT_TYPE}  || 'text/html';
    $SETTINGS->{charset}       ||= $ENV{DANCER_CHARSET}       || '';
    $SETTINGS->{startup_info}  ||= $ENV{DANCER_STARTUP_INFO}  || 1;
    $SETTINGS->{daemon}        ||= $ENV{DANCER_DAEMON}        || 0;
    $SETTINGS->{apphandler}    ||= $ENV{DANCER_APPHANDLER}    || 'Standalone';
    $SETTINGS->{warnings}      ||= $ENV{DANCER_WARNINGS}      || 0;
    $SETTINGS->{auto_reload}   ||= $ENV{DANCER_AUTO_RELOAD}   || 0;
    $SETTINGS->{traces}        ||= $ENV{DANCER_TRACES}        || 0;
    $SETTINGS->{server_tokens} ||= $ENV{DANCER_SERVER_TOKENS} || 1;
    $SETTINGS->{logger}        ||= $ENV{DANCER_LOGGER}        || 'file';
    $SETTINGS->{environment}   ||=
         $ENV{DANCER_ENVIRONMENT}
      || $ENV{PLACK_ENV}
      || 'development';

    setting $_ => {} for keys %MERGEABLE;
    setting template        => 'simple';
    setting import_warnings => 1;
}

load_default_settings();

1;

__END__

=pod

=head1 NAME

Dancer::Config - how to configure Dancer to suit your needs

=head1 DESCRIPTION

Dancer::Config handles reading and changing the configuration of your Dancer
apps.  The documentation for this module aims to describe how to change
settings, and which settings are available.

=head1 SETTINGS

You can change a setting with the keyword B<set>, like the following:

    use Dancer;

    # changing default settings
    set port         => 8080;
    set content_type => 'text/plain';
    set startup_info => 0;

A better way of defining settings exists: using YAML file. For this to be
possible, you have to install the L<YAML> module. If a file named B<config.yml>
exists in the application directory, it will be loaded, as a setting group.

The same is done for the environment file located in the B<environments>
directory.

=head1 SUPPORTED SETTINGS

=head2 Run mode and listening interface/port

=head3 server (string)

The IP address that the Dancer app should bind to.  Default is 0.0.0.0, i.e.
bind to all available interfaces.

=head3 port (int)

The port Dancer will listen to.

Default value is 3000. This setting can be changed on the command-line with the
B<--port> switch.

=head3 daemon (boolean)

If set to true, runs the standalone webserver in the background.
This setting can be changed on the command-line with the B<--daemon> flag.

=head3 behind_proxy (boolean)

If set to true, Dancer will look to C<X-Forwarded-Protocol> and
C<X-Forwarded-host> when constructing URLs (for example, when using
C<redirect>. This is useful if your application is behind a proxy.

=head2 Content type / character set

=head3 content_type (string)

The default content type of outgoing content.
Default value is 'text/html'.

=head3 charset (string)

This setting has multiple effects:

=over

=item *

It sets the default charset of outgoing content. C<charset=> item will be
added to Content-Type response header.

=item *

It makes Unicode bodies in HTTP responses of C<text/*> types to be encoded to
this charset.

=item *

It also indicates to Dancer in which charset the static files and templates are
encoded.

=item *

If you're using L<Dancer::Plugin::Database>, UTF-8 support will automatically be
enabled for your database - see 
L<Dancer::Plugin::Database/"AUTOMATIC UTF-8 SUPPORT">

=back

Default value is empty which means don't do anything. HTTP responses
without charset will be interpreted as ISO-8859-1 by most clients.

You can cancel any charset processing by specifying your own charset
in Content-Type header or by ensuring that response body leaves your
handler without Unicode flag set (by encoding it into some 8bit
charset, for example).

Also, since automatically serialized JSON responses have
C<application/json> Content-Type, you should always encode them by
hand.

=head3 default_mime_type (string)

Dancer's L<Dancer::MIME> module uses C<application/data> as a default
mime type. This setting lets the user change it. For example, if you
have a lot of files being served in the B<public> folder that do not
have an extension, and are text files, set the C<default_mime_type> to
C<text/plain>.


=head2 File / directory locations

=head3 environment (string)

This is the name of the environment that should be used. Standard
Dancer applications have a C<environments> folder with specific
configuration files for different environments (usually development
and production environments). They specify different kind of error
reporting, deployment details, etc. These files are read after the
generic C<config.yml> configuration file.

The running environment can be set with:

   set environment => "production";

Note that this variable is also used as a default value if other
values are not defined.

=head3 appdir (directory)

This is the path where your application will live.  It's where Dancer
will look by default for your config files, templates and static
content.

It is typically set by C<use Dancer> to use the same directory as your
script.

=head3 public (directory)

This is the directory, where static files are stored. Any existing
file in that directory will be served as a static file, before
matching any route.

By default, it points to $appdir/public.

=head3 views (directory)

This is the directory where your templates and layouts live.  It's the
"view" part of MVC (model, view, controller).

This defaults to $appdir/views.

=head2 Templating & layouts

=head3 template

Allows you to configure which template engine should be used.  For instance, to
use Template Toolkit, add the following to C<config.yml>:

    template: template_toolkit


=head3 layout (string)

The name of the layout to use when rendering view. Dancer will look for
a matching template in the directory $views/layout.

Your can override the default layout using the third argument of the
C<template> keyword. Check C<Dancer> manpage for details.


=head2 Logging, debugging and error handling

=head3 import_warnings (boolean, default: enabled)

If true, or not present, C<use warnings> will be in effect in scripts in which
you import C<Dancer>.  Set to a false value to disable this.

=head3 startup_info (boolean)

If set to true, prints a banner at the server start with information such as
versions and the environment (or "dancerfloor").

Conforms to the environment variable DANCER_STARTUP_INFO.

=head3 warnings (boolean)

If set to true, tells Dancer to consider all warnings as blocking errors.

=head3 traces (boolean)

If set to true, Dancer will display full stack traces when a warning or a die
occurs. (Internally sets Carp::Verbose). Default to false.

=head3 server_tokens (boolean)

If set to true, Dancer will add an "X-Powered-By" header and also append
the Dancer version to the "Server" header. Default to true.

You can also use the environment variable C<DANCER_SERVER_TOKENS>.

=head3 log_path (string)

Folder where the ``file C<logger>'' saves logfiles.

=head3 log_file (string)

Name of the file to create when ``file C<logger>'' is active. It
defaults to the C<environment> setting contents.

=head3 logger (enum)

Select which logger to use.  For example, to write to log files in C<log_path>:

    logger: file

Or to direct log messages to the console from which you started your Dancer app
in standalone mode,

    logger: console

Various other logger backends are available on CPAN, including 
L<Dancer::Logger::Syslog>, L<Dancer::Logger::Log4perl>, L<Dancer::Logger::PSGI>
(which can, with the aid of Plack middlewares, send log messages to a browser's
console window) and others.

=head3 log (enum)

Tells which log messages should be actually logged. Possible values are
B<core>, B<debug>, B<warning> or B<error>.

=over 4

=item B<core> : all messages are logged, including some from Dancer itself

=item B<debug> : all messages are logged

=item B<warning> : only warning and error messages are logged

=item B<error> : only error messages are logged

=back

During development, you'll probably want to use C<debug> to see your own debug
messages, and C<core> if you need to see what Dancer is doing.  In production,
you'll likely want C<error> or C<warning> only, for less-chatty logs.


=head3 show_errors (boolean)

If set to true, Dancer will render a detailed debug screen whenever an error is
caught. If set to false, Dancer will render the default error page, using
$public/$error_code.html if it exists or the template specified by the
C<error_template> setting.

The error screen attempts to sanitise sensitive looking information (passwords /
card numbers in the request, etc) but you still should not have show_errors
enabled whilst in production, as there is still a risk of divulging details.


=head3 error_template (template path)

This setting lets you specify a template to be used in case of runtime
error. At the present moment the template can use three variables:

=over 4

=item B<title>

The error title.

=item B<message>

The error message.

=item B<code>

The code throwing that error.

=back


=head3 auto_reload (boolean)

Requires L<Module::Refresh> and L<Clone>.

If set to true, Dancer will reload the route handlers whenever the file where
they are defined is changed. This is very useful in development environment but
B<should not be enabled in production>. Enabling this flag in production yields
a major negative effect on performance because of L<Module::Refresh>.

When this flag is set, you don't have to restart your webserver whenever you
make a change in a route handler.

Note that L<Module::Refresh> only operates on files in C<%INC>, so if the script
your Dancer app is started from changes, even with auto_reload enabled, you will
still not see the changes reflected until you start your app.

=head2 Session engine

=head3 session (enum)

This setting lets you enable a session engine for your web application. Be
default, sessions are disabled in Dancer, you must choose a session engine to
use them.

See L<Dancer::Session> for supported engines and their respective configuration.

=head3 session_expires

The session expiry time in seconds, or as e.g. "2 hours" (see
L<Dancer::Cookie/expires>.  By default, there is no specific expiry time.

=head3 session_name

The name of the cookie to store the session ID in.  Defaults to
C<dancer.session>.  This can be overridden by certain session engines.

=head3 session_secure

The user's session ID is stored in a cookie.  If the C<session_secure> setting
is set to a true value, the cookie will be marked as secure, meaning it should
only be sent over HTTPS connections.

=head3 session_is_http_only

This setting defaults to 1 and instructs the session cookie to be
created with the C<HttpOnly> option active, meaning that JavaScript
will not be able to access to its value.


=head2 auto_page (boolean)

For simple pages where you're not doing anything dynamic, but still
want to use the template engine to provide headers etc, you can use
the auto_page feature to avoid the need to create a route for each
page.

With C<auto_page> enabled, if the requested path does not match any
specific route, Dancer will check in the views directory for a
matching template, and use it to satisfy the request if found.

Simply enable auto_page in your config:

    auto_page: 1

Then, if you request C</foo/bar>, Dancer will look in the views dir for
C</foo/bar.tt>.

Dancer will honor your C<before_template> code, and all default
variables. They will be accessible and interpolated on automatic
served pages.


=head1 AUTHOR

This module has been written by Alexis Sukrieh <sukria@cpan.org> and others,
see the AUTHORS file that comes with this distribution for details.

=head1 LICENSE

This module is free software and is released under the same terms as Perl
itself.

=head1 SEE ALSO

L<Dancer>

=cut