Perl Monk, Perl Meditation | |
PerlMonks |
POTENTIAL SECURITY HOLEby merlyn (Sage) |
on Jun 19, 2000 at 17:56 UTC ( [id://18790]=note: print w/replies, xml ) | Need Help?? |
No. Don't use anything starting with HTTP_ directly in any file path.
This is an arbitrary string coming from the browser, and can be manipulated
directly by a person with ill intentions.
-- Randal L. Schwartz, Perl hacker
In Section
Seekers of Perl Wisdom
|
|