Hey, thanks for fessing up. You make a good point about security. But I've written "bad" web apps for convenience, myself, so I can't dismiss the question.

We don't know enough about the supplicant's needs to just say "you shouldn't do it". For all we know, (s)he might be writing a script to run on a private subnet, with strong HTTP access controls, just as a convenience for a small group of trusted users. Or it might be a CGI open to the world. I'm all for warning people the gun is loaded, but ultimately they have to make a reasoned choice.

One of the things I like best about this site is that people will tell you you're stupid, explain why what you want is wrong, and then show you how to do it anyway. You neglected part 3. ;-)