All the Perl that's Practical to Extract and Report
use Perl Log In
2shortplanks (968)
(email not shown publicly)
http://2shortplanks.com/
AOL IM: trelane2sp (Add Buddy, Send Message)
Yahoo! ID: trelane2sp (Add User, Send Message)
Mark Fowler has never been the same since he was elected leader of the London Perl Mongers. The strain manifests itself mainly in releasing various [cpan.org] modules [cpan.org] to CPAN, giving talks [2shortplanks.com], and use of the Trelane nick on #london.pm for endless procrastination. Doctors are still seeking a cure.
Journal of 2shortplanks (968)
Test::CGI::Untaint
One of the things you can do with this module is define your own "local extraction handlers" which are tiny four line modules that know how to extract data from a string for a particular type. For example, you can get ones for making sure the data is all digits, or ones for getting valid urls.
Of course, writing new local extraction handlers involves writing regular expressions. And as anyone knows, it's quite hard to write a complex regular expression and guarantee it's right - every once in a while you make a stupid mistake, so you have to check your work. The only real way to avoid this is to test your data. And that's where the module comes in: It's a Test::Builder compatible testing tool that can be used to test if the local extraction handler extracts the right thing from a string or rejects the string outright.
This is Profero's first open source module that we've uploaded to to CPAN, and I'm really happy that in addition to helping promote Perl we've finally released something of our own. Hopefully it'll be the first of many.
Or is it a BUG?"
"Let's call it an accidental feature. :-)"
--Larry Wall in <6909@jpl-devvax.JPL.NASA.GOV>
How about tainting? (Score:2)
--
xoa
Re:How about tainting? (Score:2)
Any data that is extracted by a local extraction handler has to have run though a regular expression and therefore has to be untainted (at least in the -T sense of the word.)