Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re: Security Breach through Template::Toolkit

by Sixtease (Friar)
on Nov 11, 2008 at 10:08 UTC ( #722816=note: print w/replies, xml ) Need Help??

in reply to Security Breach through Template::Toolkit

Yeah well, I'm starting to see that Template::Toolkit might be just a little too powerful. Let alone the STDOUT filter could bloat the output of my app. Users can create complex data structures and print them repeatedly, so I see ways of loading the server with lots of work.

Maybe HTML::Template would be better. But the comfort is far from that which TT provides.

use strict; use warnings; print "Just Another Perl Hacker\n";
  • Comment on Re: Security Breach through Template::Toolkit

Replies are listed 'Best First'.
Re^2: Security Breach through Template::Toolkit
by moritz (Cardinal) on Nov 11, 2008 at 15:50 UTC
    Maybe HTML::Template::Compiled might be a compromise? It offers a few features that HTML::Template doesn't have (it's maintained, it offers caching, a less verbose tag style, loops over hashes, sane handling of character encodings etc) without providing TT's full power.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://722816]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (11)
As of 2018-03-23 15:36 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (294 votes). Check out past polls.