The reference to this module was interesting so I decided to check it out. Maybe someone could explain to me if there are any real advantages to using CGI::Untaint in this situation. There's a good chance I'm suffering from brain burnout right now, so apologies if this post turns out to be a Doh! I don't mind being corrected as I'm here to learn.

I looked into CGI::Untaint but was nonplussed by the documentation. Untainting CGI data, if I understand the basic concept, is not a complicated task. In fact, I had assumed that there wasn't an Untaint module (apparently incorrectly) for that very reason. The CGI::Untaint module, OTOH, seems aimed more towards data validation (via Extract) where untainting the data is just a pass-through step.

If all I wanted to do was untaint my CGI params, how would just that one task be accomplished using CGI::Untaint? The documentation is rather vague on that point. The module also appears to be fairly young. Is this a situation where roll-your-own is an acceptable option?

On a more general note, are there any hard and fast rules for evaluating the suitability of a module for a given task other than by recommendation (assuming we're talking about a beginner at Perl)? Specifically, how can you tell if a more recent module has been adequately vetted?

As an aside, this module doesn't appear to be available directly from ActiveState via ppm.

--Jim


In reply to Re: Re: CGI question: untainting a lot of variables by jlongino
in thread CGI question: untainting a lot of variables by coolmichael
