Site Search perlscript and securityby steelrose (Scribe)
|on Nov 29, 2005 at 16:37 UTC||Need Help??|
steelrose has asked for the
wisdom of the Perl Monks concerning the following question:
A quick question - I'm going to institute a search script to search a single directory on a Website. It's just basically going to feed the contents of the text box into a regex: m/<contents>/;
Are there any red flags that might be security concerns that I should check for in the reg ex before feeding it into the match or no? I'd just rather ask and find out now than have something happen in the future that I didn't expect.
If you give a man a fish he will eat for a day.
If you teach a man to fish he will buy an ugly hat.
If you talk about fish to a starving man, you're a consultant.