Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re^2: Unwanted parameter when executing CGI scripts

by Nocturnus (Beadle)
on Jan 04, 2013 at 19:07 UTC ( #1011704=note: print w/replies, xml ) Need Help??

in reply to Re: Unwanted parameter when executing CGI scripts
in thread [SOLVED] Unwanted parameter when executing CGI scripts

Of course, you are right, and I have already implemented such checks at different levels of the application architecture.

Nevertheless, there is one situation where script A just should "pass" all parameters to another script B. To be precise, A generates HTML code with <a href> to B, where the href's URI contains all parameters which had been included in the call of A. Generating this link is done by generic code which is in a module which is used by several of the scripts; thus, when generating the link, the parameters are not checked. This is no security problem since B will check it's parameters for correctness when called.

In nearly all browsers, when moving the mouse to the generated link, the complete destination URI of the link, including the parameters, is visible (e.g. in the status bar). Now, if script A is called WITHOUT parameters (which is perfectly acceptable), the generated link to script B contained a query string ("?keywords=") where no query string should be.

This worries users, makes debugging more complicated, and is ugly, so I would like to change that.

I will do it the way which has been proposed above, but I was hoping that we could "configure" somehow to disable that behavour, or that there is another more elegant way.



  • Comment on Re^2: Unwanted parameter when executing CGI scripts

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1011704]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2018-03-20 16:46 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (255 votes). Check out past polls.