Re: Security bug in CGI::Lite::escape_dangerous


We don't bite newbies here... much
	PerlMonks

Re: Security bug in CGI::Lite::escape_dangerous_chars()

by Ovid (Cardinal)

on Feb 11, 2003 at 22:26 UTC ( [id://234542]=note: print w/replies, xml )

Need Help??

in reply to Security bug in CGI::Lite::escape_dangerous_chars()

Not having used CGI::Lite before, I never noticed that function, but I have to admit that I'm a bit puzzled. It seems to me that an experienced programmer should have noticed something named escape_dangerous_characters() before this. Trying to eliminate the dangerous is far more difficult than simply allowing the safe.

Allow for too few "safe" characters, you restrict your functionality; allow for too few "dangerous" characters and you restrict your paychecks.

Cheers,
Ovid

New address of my CGI Course.
Silence is Evil (feel free to copy and distribute widely - note copyright text)

Comment on Re: Security bug in CGI::Lite::escape_dangerous_chars()

In Section Perl News

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://234542]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others romping around the Monastery: (4)

As of 2024-04-24 17:31 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found