Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re: Using taint mode to prevent XSS holes

by diotalevi (Canon)
on Jan 06, 2003 at 23:33 UTC ( #224788=note: print w/replies, xml ) Need Help??


in reply to Using taint mode to prevent XSS holes

Of course there is always Apache::TaintRequest which just ties STDOUT and escapes tainted data. Another generalized approach would be to throw errors if your program attempted to write tainted data. I'd generally prefer to untaint the data myself prior and just use things like that as a constraint system. But anyhow, the base idea is all right there and is really simple.


Fun Fun Fun in the Fluffy Chair

  • Comment on Re: Using taint mode to prevent XSS holes

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://224788]
help
Chatterbox?
[shmem]: all else leads to trouble, even if the third argument depends on the existence of the second. That may become brittle.
[Discipulus]: but if have case like subname(15,undef,3 ) maybe bettere named parameters
[Lady_Aleena]: I don't want to have to do: alpha_menu($hash, undef, $type);
[Lady_Aleena]: Or what Discipulus said.
[shmem]: Lady_Aleena: geany supports ctags.
[Discipulus]: a good compromise can be my ($need, $opts_ref) = @_ a scalar and an hash reference
[Discipulus]: see you monks!
[Lady_Aleena]: shmem, let me get this sub rewritten, then I will look into how to use ctags in geany. Deal? 8)
[shmem]: Discipulus: yeah, that might eventually prepare the path for OO ;-)
[Lady_Aleena]: See you, Discipulus.

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (8)
As of 2017-04-27 12:25 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I'm a fool:











    Results (506 votes). Check out past polls.