Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things

Re^2: Any security holes?

by Limbomusic (Acolyte)
on Jun 26, 2022 at 21:42 UTC ( #11145099=note: print w/replies, xml ) Need Help??

in reply to Re: Any security holes?
in thread Any security holes?

Wow - yes I deleted the whole @pairs codebit and it still worked. I,m a total nitwit with coding so thanx - I,m just playing around and trying things out. The html-injection/cross scripting thing seems dangerous indeed, so okay - I learned its possible to "escape characters" - I would like to do that - do you have a suggestion (example code) for that?

Replies are listed 'Best First'.
Re^3: Any security holes?
by LanX (Sage) on Jun 26, 2022 at 21:51 UTC
      I don't know how or where to implement it in my .pl file, could u help? It seems that this would do the trick:  $encoded = encode_entities($input, '<>&"'); It seems this would negate all these characters and thats exactly what i want - but how?
Re^3: Any security holes?
by haj (Priest) on Jun 28, 2022 at 08:32 UTC
    I'm just playing around and trying things out.

    I hope you are aware that running CGI programs in the internet is not a good idea for trying things out. The internet as a whole is not a particularly friendly place. When a new server starts to respond on Port 80, it takes just some minutes before robots will start poking it for security holes. If you point your friends to use your new playground, you're putting them at risk because their browser might run malicious code.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11145099]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (2)
As of 2023-06-04 17:10 GMT
Find Nodes?
    Voting Booth?
    How often do you go to conferences?

    Results (22 votes). Check out past polls.