Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: Security Breach through Template::Toolkit

by Sixtease (Friar)
on Nov 11, 2008 at 10:08 UTC ( #722816=note: print w/ replies, xml ) Need Help??


in reply to Security Breach through Template::Toolkit

Yeah well, I'm starting to see that Template::Toolkit might be just a little too powerful. Let alone the STDOUT filter could bloat the output of my app. Users can create complex data structures and print them repeatedly, so I see ways of loading the server with lots of work.

Maybe HTML::Template would be better. But the comfort is far from that which TT provides.

use strict; use warnings; print "Just Another Perl Hacker\n";


Comment on Re: Security Breach through Template::Toolkit
Re^2: Security Breach through Template::Toolkit
by moritz (Cardinal) on Nov 11, 2008 at 15:50 UTC
    Maybe HTML::Template::Compiled might be a compromise? It offers a few features that HTML::Template doesn't have (it's maintained, it offers caching, a less verbose tag style, loops over hashes, sane handling of character encodings etc) without providing TT's full power.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://722816]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (5)
As of 2015-07-07 03:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (86 votes), past polls