No such thing as a small change | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Whether you can trust your users isn't an issue. Whether you can trust anyone who might come across your UI anytime in the future is an issue.
Out of general paranoia our CGI wrapper drops any characters that are not in {A-Za-z0-9-\/.@,: }. (And ':' was a recent addition, to support entering URLs.) -- Spring: Forces, Coiled Again! In reply to Re: Re: User regexps
by paulbort
|
|