PerlMonks
Re: •Re: Re: •Re: making first letter of all words in array upper case
by agentv (Friar)
on Dec 31, 2002 at 21:42 UTC
> start by reading and understanding every relevant CGI security document you can find.

I don't know if you meant that as a joke or not. There were 1.8 million documents returned by that search! So are you saying that before someone writes a CGI script that sends mail, they should start by reading 1.8 million web documents as a prerequisite?

You know, one of the things I took from the most obvious writings about Perl in its early days was the philosophy that you don't have to "know all about it" in order to get things done with Perl. It is not considered necessary to rise to some high level of mastery before starting.

It is meet to restrain oneself from certain courses of action when there is the risk of damage or extreme annoyance as a result of your programming efforts. But in this case, I feel that the danger is significantly overstated. The chance of a major spam offender finding some sleepy website with a homemade "tell your friends script" and coercing that to further pollute the world at top speed seems remote to me. (No offense, iamrobj, I haven't actually looked at your web site, I'm making a guess here.)

To answer your question further on in the thread, iamrobj, it's not too hard to "sanitize" your script. One simple discussion in the Perl Cookbook (recipe 19.4 "Writing a Safe CGI Program") can get you on your way. Just be sure to test the data that is submitted for any message headers for illegal characters, and if you want to be very diligent, maybe you could read up on how to have your script probe the From: address to see if it truly exists.

In the end, don't let discouragement from others freeze you into inactivity. Just let it serve as a warning that you may need to be careful about certain things, because it is true that putting up a CGI script allows others to utilize your computing facility (or that of your ISP). So think everything through and ask around about potential risks. But definitely keep on coding!
...All the world looks like -well- all the world,
when your hammer is Perl.
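
One way to do the header check the post describes, as an added example that is not part of the original post and is not taken from the Perl Cookbook. The sub names `clean_header_value` and `clean_address` and the sample submissions are hypothetical, constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: validate form fields before they reach mail headers.
# Sub names and sample inputs are hypothetical, constructed for illustration.
use strict;
use warnings;

# Return the value unchanged, or undef if it must not be used in a header.
sub clean_header_value {
    my ($value, $max_len) = @_;
    return undef unless defined $value;
    $max_len ||= 200;
    # CR or LF would let the submitter start a new header line or begin
    # the message body early, so any control character is rejected.
    return undef if $value =~ /[\x00-\x1f\x7f]/;
    return undef if length($value) == 0 || length($value) > $max_len;
    return $value;
}

# Conservative allowlist for a single address: one local part, one domain,
# no commas or spaces, so one field can never expand into a recipient list.
# Returning the capture ($1) is also what untaints the value under -T.
sub clean_address {
    my ($addr) = @_;
    my $clean = clean_header_value($addr, 254);
    return undef unless defined $clean;
    return $clean =~ /\A([A-Za-z0-9._%+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\z/
        ? $1 : undef;
}

# Constructed sample submissions: label => raw field value.
my @samples = (
    [ 'plain address'    => 'friend@example.com' ],
    [ 'injected header'  => "friend\@example.com\r\nBcc: list\@example.net" ],
    [ 'two recipients'   => 'a@example.com, b@example.com' ],
    [ 'trailing newline' => "friend\@example.com\n" ],
);

for my $s (@samples) {
    my ($label, $raw) = @$s;
    my $ok = clean_address($raw);
    printf "%-17s %s\n", $label, defined $ok ? "accepted: $ok" : 'rejected';
}
```

Only the first sample is accepted. Rejecting bad input outright, instead of stripping characters and sending anyway, keeps the script from mailing an address the submitter did not literally type.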