in reply to Re: Perl script to retrieve a webpage using perl
in thread Perl script to retrieve a webpage using perl

my $url = 'http://www.example.com';
my $page = `wget -q -O - "$url"`;

This way it is ok. But note that if the contents of $url comes from an untrusted source (e.g. a field in a form or part of a URL), then simply calling wget with the parameter listed, is very dangerous.

Consider what would happen if $url would be '"; find /"'. Then consider what would happen if someone would call a program other than "find".

Liz

  • Comment on Re: Re: Perl script to retrieve a webpage using perl

Replies are listed 'Best First'.
Re: Re: Re: Perl script to retrieve a webpage using perl
by sgifford (Prior) on Jul 20, 2003 at 15:58 UTC

    You can make the use of wget secure by using the shell's quoting mechanism and environment variables.

    Read more... (592 Bytes)

    You can also use the open(WGET,"|-") construct with exec to do this safely.

    Read more... (828 Bytes)

    I agree in general that this is a less safe approach, but if it's the only option it can be done safely.

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom