PerlMonks
Re: Using taint mode to prevent XSS holes
by diotalevi (Canon) on Jan 07, 2003 at 16:33 UTC ([id://225017])
On a lark I took a quick trip out to CPAN - here's my suggestion written down as probably-usable code (meaning I didn't test it). It installs a filter on the STDOUT filehandle before script execution so no tainted data is allowed to print. Obviously, if you start handling user input prior to this INIT block then that isn't covered, but you shouldn't do that anyway. This can be enhanced by using an exception
Fun Fun Fun in the Fluffy Chair
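One way to build the STDOUT filter the post describes, added here as an example; it is not diotalevi's code, which does not appear on this page. It assumes a tied filehandle plus the core `Scalar::Util::tainted` check rather than whichever CPAN module the post had in mind, and the package name `TaintGuard`, the `escape_html` helper and the `QUERY_STRING` input are hypothetical.

```perl
# Run as: QUERY_STRING='<b>x</b>' perl -T taint_guard.pl   (constructed input)
use strict;
use warnings;

package TaintGuard;                     # hypothetical package name
use Scalar::Util qw(tainted);
use Carp qw(croak);

sub TIEHANDLE { my ($class, $fh) = @_; return bless { fh => $fh }, $class }

sub _assert_clean {
    for my $arg (@_) {
        croak "refusing to write tainted data to STDOUT" if tainted($arg);
    }
}

sub PRINT {
    my ($self, @args) = @_;
    _assert_clean(@args);
    return print { $self->{fh} } @args;
}

sub PRINTF {
    my ($self, $fmt, @args) = @_;
    _assert_clean($fmt, @args);
    return printf { $self->{fh} } $fmt, @args;
}

package main;

# Installed before the main program's run phase, as the post describes.
INIT {
    open(my $real, '>&', \*STDOUT) or die "cannot dup STDOUT: $!";
    tie *STDOUT, 'TaintGuard', $real;
}

# Hypothetical escaper: HTML-encode, then launder through a regex capture,
# which is how Perl marks a value as untainted.
sub escape_html {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    my ($clean) = $s =~ /\A(.*)\z/s;
    return $clean;
}

my $name = $ENV{QUERY_STRING} // '';    # %ENV values are tainted under -T
print "<p>Hello, ", escape_html($name), "</p>\n";        # escaped: allowed
eval { print "<p>Hello, $name</p>\n"; 1 }                # raw: croaks
    or print STDERR "blocked: $@";
```

The guard only sees `print` and `printf` on STDOUT; `syswrite`, other filehandles, and any regex capture elsewhere in the program that untaints without escaping are outside what it can catch.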