Re: Re: Re: CGI::param wrapper for untainting

by merlyn (Sage)
on Mar 28, 2001 at 00:00 UTC (id://67605)


in reply to Re: Re: CGI::param wrapper for untainting
in thread CGI::param wrapper for untainting

> I have over 20k lines of code currently using param(), so I don't really want to go through it all and use the module Untaint individually each time.
Then don't bother turning on tainting if you're not using it. That's like painting a big lock on your door saying "I'm safe now".

Really. I'd reject your code in a heartbeat at a code review if I saw you were using global untainting without regard to the valid content of the fields. Bleh!

-- Randal L. Schwartz, Perl hacker
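
The contrast drawn in this post, as an added example that is not part of merlyn's reply or the thread's code: a blanket untaint that launders any value, next to a per-field check that only untaints what is valid for that field. The field names, patterns and sample values are assumptions constructed for illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T this_file.pl   (taint mode must also be given on the command line)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical fields: each rule describes the VALID content of one field.
my %VALID = (
    user_id  => qr/\A(\d{1,9})\z/,
    filename => qr/\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/,
);

# Global untainting: the capture accepts anything, so the taint flag
# is cleared without the value ever being checked.
sub blanket_untaint {
    my ($value) = @_;
    my ($clean) = $value =~ /\A(.*)\z/s;
    return $clean;
}

# Per-field untainting: the value is untainted only if it matches the
# rule registered for that field; unknown fields are a programming error.
sub validated_param {
    my ($name, $value) = @_;
    my $rule = $VALID{$name} or die "no validation rule for field '$name'\n";
    return undef unless defined $value;
    my ($clean) = $value =~ $rule;
    return $clean;    # undef when the value is rejected
}

# Constructed sample input standing in for CGI param() values.
# Appending a zero-length tainted string marks each value as tainted.
my $taint = substr("$0$^X", 0, 0);
my %input = (
    user_id  => '42' . $taint,
    filename => '../../etc/passwd' . $taint,
);

for my $name (sort keys %input) {
    my $blanket = blanket_untaint($input{$name});
    my $checked = validated_param($name, $input{$name});
    printf "%-8s blanket: %-18s still tainted: %-3s validated: %s\n",
        $name, $blanket, (tainted($blanket) ? 'yes' : 'no'),
        (defined $checked ? $checked : 'REJECTED');
}
```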
