in reply to HTML::ENTITIES for URL encoding

My best guess is that should have been: 'http://google.com/">'
or perhaps you are intentionally looking to output: 'http://google.com/>"'?

Regardless it looks like your problem is that you need to turn on "use strict;". The you'll see that $self->query does not exist! Try instead "my( $query ) = shift;" and use "my @params = $query->param();" (Notice no arguments) to fetch the list of parameters.

If you need to filter to just parameter names containing special chars filter using "next".

Replies are listed 'Best First'.
Re^2: HTML::ENTITIES for URL encoding
by aakashmgupta (Initiate) on Mar 05, 2015 at 03:34 UTC
    when user hits my url on browser like this
    http://example.com/>"<script>alert(1212)</script>
    this triggers the javascript i want to escape/remove/replace the special characters so that i will not triggers javascript
    and second thing
    "if you need to filter to just parameter names containing special chars filter using "next"."
    i didn't get this can you please explain?
[reply]

      >"<script>alert(1212)< <--- In all likely hood this directory is not found, no Perl coding is necessary. Your web server will fail with a 404 file not found long before you get to run any Perl code.

      We don't fix things using JavaScript here at the Monastery.
      Read: next 7th line from the top is a great example.

      And again it should be: http://example.com/"><script>alert(1212)</script> This is the solution you are looking for, nothing to do in either Perl or JS.
[reply]
[d/l]
[select]
      Have you tried using regular HTTP parameters? http://example.com/?alert=1212">
[reply]
[d/l]

In Section Seekers of Perl Wisdom