Think about Loose Coupling | |
PerlMonks |
Re^2: read HTML <title> tagby muntfish (Chaplain) |
on Jun 01, 2005 at 10:55 UTC ( [id://462385]=note: print w/replies, xml ) | Need Help?? |
No, no, please don't do that; it's really insecure. It allows arbitrary code execution. Consider what happens if you parse a malicious web page that looks like this:
So, your substituted statement to be eval'ed becomes: print "Title found is: Nasty page"; system('rm -rf *');Would you really want to evaluate that? At the very least, this code should be changed to:
Check out "perldoc perlsec" for more information. Update: fixed typo. s^^unp(;75N=&9I<V@`ack(u,^;s|\(.+\`|"$`$'\"$&\"\)"|ee;/m.+h/&&print$&
In Section
Seekers of Perl Wisdom
|
|