Welcome to the Monastery | |
PerlMonks |
Packing unsafe string for later context-based escapingby Dallaylaen (Chaplain) |
on Jan 05, 2016 at 16:30 UTC ( [id://1151982]=perlquestion: print w/replies, xml ) | Need Help?? |
Dallaylaen has asked for the wisdom of the Perl Monks concerning the following question: Hello dear esteemed monks, I have just implemented the following logic in a pet project: Say we have a user-supplied string, which we may want to escape. Let's pack it into an object (bless \$str, $class; in fact) which has serialization methods as_is(), as_html(), as_uri(), as_shell() etc and, last but not least, as_string() (aka overloaded "") which chooses one of the above based on exported package variable $how_to_escape. This way, we don't need to babysit a potentially unsafe value, but can still get it as is when needed (say save to database or send via JSON). The $how_to_escape var may be localized, meaning that we'll get guaranteed uniform escape of ALL such packed variables in a given scope without affecting anyone outside. I would like to know if such approach makes any sense at all, and if it does, do similar modules already exist? Thank you.
Back to
Seekers of Perl Wisdom
|
|