Prev: Interview question - What is your favourite Perl CPAN Module?
Next: FAQ 8.28 How can I call backticks without shell processing?
From: PerlFAQ Server on 20 Jul 2010 12:00 This is an excerpt from the latest version perlfaq9.pod, which comes with the standard Perl distribution. These postings aim to reduce the number of repeated questions as well as allow the community to review and update the answers. The latest version of the complete perlfaq is at http://faq.perl.org . -------------------------------------------------------------------- 9.14: How do I make sure users can't enter values into a form that cause my CGI script to do bad things? See the security references listed in the CGI Meta FAQ http://www.perl.org/CGI_MetaFAQ.html -------------------------------------------------------------------- The perlfaq-workers, a group of volunteers, maintain the perlfaq. They are not necessarily experts in every domain where Perl might show up, so please include as much information as possible and relevant in any corrections. The perlfaq-workers also don't have access to every operating system or platform, so please include relevant details for corrections to examples that do not work on particular platforms. Working code is greatly appreciated. If you'd like to help maintain the perlfaq, see the details in perlfaq.pod.
From: brian d foy on 23 Jul 2010 14:47
In article <m14jh7-gav.ln1(a)zem.masonsmusic.co.uk>, Justin C <justin.1007(a)purestblue.com> wrote: > > 9.14: How do I make sure users can't enter values into a form that cause my > > CGI script to do bad things? > > http://www.perl.org/CGI_MetaFAQ.html > > That page redirects to: > > <URL:http://brian-d-foy.cvs.sourceforge.net/viewvc/brian-d-foy/CGI_MetaFAQ/CGI > _MetaFAQ.html> > > and three out of the five links in the Security section fail to open. > Two 404s and one server that has gone away - this may be temporary. I will look into this. Thanks. |