"be consistent" | |
PerlMonks |
Re^3: Browser::Open Windows metacharactersby Anonymous Monk |
on Dec 09, 2018 at 22:01 UTC ( [id://1227019]=note: print w/replies, xml ) | Need Help?? |
Make sure you trust the source of the URLs. Otherwise it's still a shell injection: try passing a $url = q["$(touch ~/hello.txt)"] if you're on Linux or maybe $url = q["&calc&"] on Windows (not sure about the CMD syntax, but it's definitely possible to construct a string that would cause a command to be run when wrapped in double quotes).
In Section
Seekers of Perl Wisdom
|
|