good chemistry is complicated, and a little bit messy -LW |
|
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I ended up using what ikegami sugested + whitelist of allowed charactes in the fields. I needed to encode them since I print that back (HTML::FillInForm) together with error messages.
So in Data::FormValidator I created additional constraints such as that ordinary fields should contain alphanums, underscore, minus, space and dot. Email obviosly takes out space and adds @, while URL's add : and / Have you tried freelancing? Check out Scriptlance - I work there. For more info about Scriptlance and freelancing in general check out my home node. In reply to Re: Preventing XSS
by techcode
|
|