[Melbourne-pm] Untainting locale-based data?

Alexis Hazell bonobo at bigpond.net.au
Sun Mar 18 23:56:47 PDT 2007


Hi all,

i'm working on a Web app in which the supplied data (to wit, people's names) 
might include Latin 1 supplement characters. So i'm wanting to use taint 
checking, given the untrusted data source; but making use of the ISO-8859-1 
locale, to enable \w+ to match Latin 1 supplement characters, will mean that 
the data remains tainted even after being filtered through a regexp, due to 
Perl's view of the untrustworthiness of locales. How, then, can i untaint 
such data?

Any help would be much appreciated!


Alexis.


More information about the Melbourne-pm mailing list