Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Ovid (2709)

  (email not shown publicly)
AOL IM: ovidperl (Add Buddy, Send Message)

Stuff with the Perl Foundation. A couple of patches in the Perl core. A few CPAN modules. That about sums it up.

Journal of Ovid (2709)

Tuesday October 29, 2002
04:54 PM

Hooray for refactoring!

[ #8667 ]

I finally got off my duff and wrote a module for work that does a much better job of handling CGI data. It's customized to work for how we do things, so rather than having a general purpose tool, I have something that does what I need it to do. Now, rather than worry about the tedious work of grabbing a bunch of form data and untainting all of it, I just list the fields I want, supply regex filters for those fields and I get a hashref of untainted data back. For my first test, I took a program that was about 450 lines of code (over half of that was munging form data) and reduced it down to 150 lines of code.

Curiously, this happens to dovetail nicely with some planned upgrades to CGI::Safe. That particular module, while being well-intentioned, simply is not yet useful enough to generate much interest. Hopefully, this will turn the trick and make Web programming safer. Of course, if anyone is willing to take a look at it and recommend changes necessary to make it work under mod_perl ... (yes, that was a cry for help!). Since we're a Windows shop (slowly migrating to Linux), I've never had the chance to dig deeply into mod_perl. In fact, I only have one mod_perl site that I've ever built and that was for some internal demos.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.