[ic] Adding backdoor for Interchange administration to the dancefloor

Jon Jensen jon at endpoint.com
Fri Sep 14 22:53:16 UTC 2012

On Fri, 14 Sep 2012, Stefan Hornburg (Racke) wrote:

> Does anyone know which kind of commandline parameters can be passed to 
> CGI in order to adjust the send_arguments function for the plugin?

Welcome to the 1990s!

Mike may be the only one who remembers for sure, but I think that dates 
from the Minivend 3 days before named arguments were used in GET requests, 
as defined in section 7 of the CGI spec:


and as parsed by Interchange in &Vend::Server::parse_post (which gets 
called for GET requests too), in the current version's lines 378-383:

     if( defined $pairs[0] and $pairs[0] =~ /^   (\w{8,32})? ; /x)  {
         @CGI::values{qw/ mv_session_id mv_arg mv_pc /}
             = split /;/, $pairs[0], 3;
         shift @pairs;

Back then a Minivend 3 URL looked something like:


And as per CGI spec, because there's no unencoded = in the query string, 
it's passed as a command line argument to the CGI program, appearing as 

The whole arg will show up in $ARGV[0] unless there are + characters, in 
which case those are spaces and it splits the other words into the rest of 

Anyway, Mike would have to confirm, but if I'm remembering this right, and 
you're not using ancient Minivend 3 args, you can probably just ignore 
this stuff altogether for your Dancer plugin.


Jon Jensen
End Point Corporation

More information about the interchange-users mailing list