Re^2: Review of CGI::Alternatives

I always thought the criticisms against CGI were lame, but using the later tools is so much more enjoyable that it's hard to care all that much. Nothing against OP, do whatever you want.

List flattening made a guy really mad and he did some videos at a conference. To me, his argument boils down to: List flattening is a bad language design choice because it is easily misunderstood by reasonably well trained programmers. I'm sure there was more, but that is what I got out of it.

I could not find a video referencing CGI that did not use the f word extensively. Sorry about that. That in itself is kind of funny though.

Comment on Re^2: Review of CGI::Alternatives

Replies are listed 'Best First'.
Re^3: Review of CGI::Alternatives by bliako (Abbot) on Jun 15, 2018 at 10:29 UTC
Through the list of links you posted above I came across this: PacSec Hype Security Team: CGI.pm param injection which from what I understand the vulnerability comes when parsing a request with multiple same-name params. Perl's list/hash idiosyngracies be what they may makes it possible to create a hash of parameters which is not what one had in mind. and then this Re: Stop Using Perl : "... But you know whats even more amazing? They patched CGI.pm to warn about this ..."	[reply]

Replies are listed 'Best First'.

Re^3: Review of CGI::Alternatives
by bliako (Abbot) on Jun 15, 2018 at 10:29 UTC

Through the list of links you posted above I came across this:

PacSec Hype Security Team: CGI.pm param injection which from what I understand the vulnerability comes when parsing a request with multiple same-name params. Perl's list/hash idiosyngracies be what they may makes it possible to create a hash of parameters which is not what one had in mind.

and then this Re: Stop Using Perl :

"... But you know whats even more amazing? They patched CGI.pm to warn about this ..."

[reply]