Re: Security Breach through Template::Toolkit


Don't ask to ask, just ask
	PerlMonks

Re: Security Breach through Template::Toolkit

by Sixtease (Friar)

on Nov 11, 2008 at 10:08 UTC ( #722816=note: print w/ replies, xml )

Need Help??

in reply to Security Breach through Template::Toolkit

Yeah well, I'm starting to see that Template::Toolkit might be just a little too powerful. Let alone the STDOUT filter could bloat the output of my app. Users can create complex data structures and print them repeatedly, so I see ways of loading the server with lots of work.

Maybe HTML::Template would be better. But the comfort is far from that which TT provides.

use strict; use warnings; print "Just Another Perl Hacker\n";

Comment on Re: Security Breach through Template::Toolkit
Re^2: Security Breach through Template::Toolkit by moritz (Cardinal) on Nov 11, 2008 at 15:50 UTC
Maybe HTML::Template::Compiled might be a compromise? It offers a few features that HTML::Template doesn't have (it's maintained, it offers caching, a less verbose tag style, loops over hashes, sane handling of character encodings etc) without providing TT's full power.	[reply]

In Section Seekers of Perl Wisdom

Node Status^?

node history
Node Type: note [id://722816]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others cooling their heels in the Monastery: (7)

As of 2013-05-26 01:42 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

The best material for plates (tableware) is:

Results (523 votes), past polls