There's more than one way to do things | |
PerlMonks |
Re: Does fatalsToBrowser give too much information to a cracker?by strat (Canon) |
on Apr 10, 2002 at 11:11 UTC ( [id://157995]=note: print w/replies, xml ) | Need Help?? |
I agree with George; warnings and errors are nothing for normal user, and may sometimes even become dangerous (e.g. open (FILE, $file) or die "can't read password from $file: $!"; or the like. Because with some providers, you have to keep "sensible" data in directories that might eventually be accessed by web ). Another reason why I always remove -w (use warnings) in production systems, as well as qw(fatalsToBrowser) and try to do some defensive programming, to try to catch all errors that might happen is that I don't want to confront users with errormessages they won't understand or won't be able to do anything against. In cgi-scripts, I only use die for really serious errors; more often, I write an own error-outputting-routine that cares about returning a complete html-page.
Best regards,
In Section
Seekers of Perl Wisdom
|
|