Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re^3: Developing CGI::Application based modules outside of the default @INC

by spacebat (Beadle)
on Apr 12, 2008 at 22:03 UTC ( #680028=note: print w/ replies, xml ) Need Help??


in reply to Re^2: Developing CGI::Application based modules outside of the default @INC
in thread Developing CGI::Application based modules outside of the default @INC

This works equally well for CGI based applications as it does for CLI.

Not quite true. Public CGI should use taint mode (as does the code in the original post), which means the environment is untrusted and PERL5LIB has no effect. Environment variables not set by CGI input should be trustworthy though.

Taint::Runtime can get around this, as can something like this at the start of your script:

BEGIN { if ($ENV{PERL5LIB} && $ENV{PERL5LIB} =~ /^(.*)$/) { eval "use lib (".join(',', map "'$_'", split ':', $1).");"; die $@ if $@; } }
(updated to fix a typo)


Comment on Re^3: Developing CGI::Application based modules outside of the default @INC
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://680028]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (4)
As of 2014-08-30 09:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (291 votes), past polls