in reply to Browser-specific perl error??

Concentrating on the error itself: when it occurs, the variable $user_email hasn't been untainted. That's the only reason you'd get that error in reference to that line.

Are you sure that the subroutine you're using always untaints the data? The error suggests that this can't be true, so I wouldn't be sure. :) Nothing in that last line that you've included would untaint the data, for instance.

The browser issue could turn out to be a red herring. In any event, I think you'll get further by ignoring that and concentrating on the validate_email_address() subroutine.

- Matt Riffle
  VP Technology, pair Networks, Inc.
  (although, I speak only for myself; code is untested unless otherwise stated)

Replies are listed 'Best First'.
Re: Browser-specific perl error??
by Abigail-II (Bishop) on Mar 12, 2004 at 16:38 UTC
    Concentrating on the error itself: when it occurs, the variable $user_email hasn't been untainted. That's the only reason you'd get that error in reference to that line.
    Perl checks more than taintedness of the argument to pipe open. It also checks whether a bunch of environment variables are either not set, or untainted. See man perlsec for details.

    Abigail

[reply]
      I would look at the enviroment variables as these are quite possibly being effected by the web server. If one of these is set strangely only when using IE that would explain things.

      It might be worth while doing a raw data capture on the network interface (ethreal or equivalent) to see the actual TCP data stream rather than looking at the post web server filtered version of the data.

      Hope it helps.
      UnderMine

[reply]

In Section Seekers of Perl Wisdom