in reply to Re: CGI module seems to eat html entities!
in thread CGI module seems to eat html entities!

Oh no worries. The editor is made so, that it allows only files ending on ".htm". If any of "..", "/", or a null character occurs in the file requested for editting, it denies access. The password is hardcoded in the .pl-file (which name doesn't end on .htm so it can't be loaded in the editor) and the submitted password is compared to this one.

What I just meant to say by 'little feeling of fake security' is that not everyone is easily abled to edit the files, but with a little bruteforcing I think the password is easily cracked :)
But anyway, it is a temporary solution and I will delete the editor when the site update is finished.
  • Comment on Re^2: CGI module seems to eat html entities!

Replies are listed 'Best First'.
Re^3: CGI module seems to eat html entities!
by SamCG (Hermit) on Oct 03, 2005 at 23:06 UTC
    It doesn't really sound like a great idea (html pages can contain various scripting languages that could do some harm to visitors to your site, or some terrorist organization could just take over pages for communications, etc. . . )

    It's your decision, I guess, if it's your web server. And at least you're aware that it's not real security.
[reply]

In Section Seekers of Perl Wisdom