comment on

Bad practices, even when using perl, can lead to XSS attacks. This is not the place to debate the "Known and widely accepted solutions." to XSS. There are many resources outside of Perl that deal with this topic. Use the perl modules and you've got a chance at safe code, head off in your own direction and you'll regret it.

My post was aimed at getting the Monk to understand that the question was leading the code in a direction it would be best it didn't. There are not many ways to implement a website hardened against XSS and this limits the scope of any questions related to login, sessions, data handling, and form validation to a less than manageable size. In other words if you're doing web development and your code dealing with one of these areas doesn't just work, you need to fall back into line or your users will be hacked.

In reply to Re^5: Perl Sessions and Cookies - Cookie don't get passed by cheako
in thread Perl Sessions and Cookies - Cookie don't get passed by Yaerox

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.