in reply to Re: HTML::ENTITIES for URL encoding
in thread HTML::ENTITIES for URL encoding

when user hits my url on browser like this
http://example.com/>"<script>alert(1212)</script>
this triggers the javascript i want to escape/remove/replace the special characters so that i will not triggers javascript
and second thing
"if you need to filter to just parameter names containing special chars filter using "next"."
i didn't get this can you please explain?

Replies are listed 'Best First'.
Re^3: HTML::ENTITIES for URL encoding
by cheako (Beadle) on Mar 05, 2015 at 04:00 UTC

    >"<script>alert(1212)< <--- In all likely hood this directory is not found, no Perl coding is necessary. Your web server will fail with a 404 file not found long before you get to run any Perl code.

    We don't fix things using JavaScript here at the Monastery.
    Read: next 7th line from the top is a great example.

    And again it should be: http://example.com/"><script>alert(1212)</script> This is the solution you are looking for, nothing to do in either Perl or JS.
[reply]
[d/l]
[select]
Re^3: HTML::ENTITIES for URL encoding
by cheako (Beadle) on Mar 05, 2015 at 04:02 UTC
    Have you tried using regular HTTP parameters? http://example.com/?alert=1212">
[reply]
[d/l]

In Section Seekers of Perl Wisdom