in reply to Re^5: Taint mode limitations
in thread Taint mode limitations
If you think about "removing malicious characters" you do not understand security! You should never remove the bad, you should always take just the good!
It appears you don't understand security either :) Consider
my $good = join '', $bad =~ m/(\w+)/g;
my $good = $bad =~ s/\W+//gr;
Sure, only the m// version untaints successfully in perl, but both versions "remove malicious characters" and both versions "take just the good"
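The difference described in the post above, as an added example that is not part of the original thread: both expressions yield the same string, and `Scalar::Util::tainted` reports which result still carries the taint flag. The sample input, the variable names `$kept` and `$stripped`, and the zero-length `substr` trick used to taint a constructed string are assumptions of this example.

```perl
#!/usr/bin/perl
# Run as: perl -T taint_demo.pl   (file name is hypothetical)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# ${^TAINT} is 1 only when taint checks were enabled with -T.
die "run this with: perl -T $0\n" unless ${^TAINT} == 1;

# Constructed sample input. Appending a zero-length slice of "$0$^X"
# (tainted under -T) marks the whole string as tainted, the way real
# external input (CGI parameters, %ENV, STDIN) would be.
my $bad = 'weekly report; v2 | 2012.txt' . substr("$0$^X", 0, 0);
die "sample input is not tainted\n" unless tainted($bad);

# m// form from the post: the value is rebuilt from capture groups.
my $kept = join '', $bad =~ m/(\w+)/g;

# s///r form from the post (needs perl 5.14+): the value is a modified
# copy of the tainted string, so the taint flag travels with it.
my $stripped = $bad =~ s/\W+//gr;

printf "same string  : %s\n", ($kept eq $stripped ? 'yes' : 'no');
printf "m// result   : %-22s tainted=%s\n", $kept,     (tainted($kept)     ? 'yes' : 'no');
printf "s///r result : %-22s tainted=%s\n", $stripped, (tainted($stripped) ? 'yes' : 'no');

# Taint mode only tracks where a value came from, not whether the
# pattern was strict enough. A check on the complete value makes the
# accepted format explicit; here a hypothetical rule for a report name.
if ($bad =~ m/\A([A-Za-z0-9_]{1,32})\z/) {
    print "whole-value check accepted: $1\n";
} else {
    print "whole-value check rejected the input\n";
}
```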
Re^7: Taint mode limitations
by Jenda (Abbot) on Nov 04, 2012 at 23:39 UTC
by Anonymous Monk on Nov 05, 2012 at 01:27 UTC