Re^3: Browser::Open Windows metacharacters


"be consistent"
	PerlMonks

Re^3: Browser::Open Windows metacharacters

by Anonymous Monk

on Dec 09, 2018 at 22:01 UTC ( [id://1227019]=note: print w/replies, xml )

Need Help??

in reply to Re^2: Browser::Open Windows metacharacters
in thread Browser::Open Windows metacharacters

Make sure you trust the source of the URLs. Otherwise it's still a shell injection: try passing a $url = q["$(touch ~/hello.txt)"] if you're on Linux or maybe $url = q["&calc&"] on Windows (not sure about the CMD syntax, but it's definitely possible to construct a string that would cause a command to be run when wrapped in double quotes).

Comment on Re^3: Browser::Open Windows metacharacters Select or Download Code

Replies are listed 'Best First'.
Re^4: Browser::Open Windows metacharacters by IB2017 (Pilgrim) on Dec 09, 2018 at 22:13 UTC
Thank you for pointing me to this threat. In this case my script generates the URLs, so it should be fine.	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://1227019]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others pondering the Monastery: (5)

As of 2024-04-19 23:34 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found