[sf-perl] input validation module sought
biztos at mac.com
Mon Sep 22 17:02:51 PDT 2008
For HTML, usually this is all you need:
use HTML::Entities qw(encode_entities);
For SQL, *always* use bind variables.
1) Never ever eval anything from an untrusted source.
2) Never ever use innerHTML without doing encode_entities on user-supplied data first.
3) Use a well-tested JS toolkit so you don't make a newbie mistake and break #2.
But keep in mind that innerHTML is inherently insecure... just like the Web. :-)
On Monday, September 22, 2008, at 12:25PM, "ken uhl" <kenuhl at berkeley.edu> wrote:
>Hi, I am looking for a module to do input validation to protect against
>SanFrancisco-pm mailing list
>SanFrancisco-pm at pm.org
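
Added example (not part of the original message): the two recommendations above applied together in one script, with DBI placeholders on the way into the database and encode_entities on the way out to HTML. It assumes DBD::SQLite is installed; the table name, column names and input strings are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: constructed input and an in-memory database,
# not code from the original post.
use strict;
use warnings;
use DBI;                                  # assumes DBD::SQLite is installed
use HTML::Entities qw(encode_entities);

# Constructed hostile input, as it might arrive from a form field.
my $name    = q{Robert'); DROP TABLE guests;--};
my $comment = q{<script>alert("x")</script> & 'quotes'};

my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE guests (name TEXT, comment TEXT)');

# Bind variables: the statement text is fixed at prepare time and the
# values travel separately, so quotes in $name stay data, never SQL.
my $ins = $dbh->prepare('INSERT INTO guests (name, comment) VALUES (?, ?)');
$ins->execute($name, $comment);

# The same rule applies to lookups, not only to inserts.
my $sel = $dbh->prepare('SELECT name, comment FROM guests WHERE name = ?');
$sel->execute($name);

# Encode at output time, once per value, just before it is placed in
# markup. The stored value stays raw so other outputs can encode it
# their own way.
sub render_row {
    my ($n, $c) = @_;
    return sprintf "<tr><td>%s</td><td>%s</td></tr>",
        encode_entities($n), encode_entities($c);
}

while (my ($n, $c) = $sel->fetchrow_array) {
    print render_row($n, $c), "\n";
}

# The table still exists and holds exactly the one row inserted above.
my ($count) = $dbh->selectrow_array('SELECT COUNT(*) FROM guests');
print "rows in guests: $count\n";

$dbh->disconnect;
```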