Hi, that thread has a good answer when perl is being invoked on a per script basis using perl.exe. I would be interested in knowing if it is possible to do it with with the ISAPI version of perl which is generally prefered by ISPs PerlIS.dll
Alternatives to Taint Checking? talks about this issue but is there a better solution from a performance point of view? Most of these threads are quite old and things have moved on.
Good old ActiveState appear to be as helpful as always can anyone tell me where their search engine is? :(
Just putting my bit in
UnderMine | [reply] |
I've never used Perl with IIS and didn't know that it used PerlIS.dll - sorry for wasting your time :(
But, I did some searching (to make up for it) and found that our dear Ovid replied to an article (warning: offsite) and stated that PerlIS does not support taint checking. As you can see, the reply is dated 01/16/02, which is the most updated information I've been able to find on it (and this is after searching for two hours).
Also, after checking release notes, etc. from ActiveState, they mention nothing about having added support for it.
As for ActiveState's search engine - maybe I'm wrong again, but the only one I've been able to find is the one for the mailing lists.
| [reply] |
I think you have to turn it on globally for PerlIS.dll by changing a setting in the Windows registry.
| [reply] |