view release on metacpan or  search on metacpan

TaintRequest.pm  view on Meta::CPAN

    $querystring =~ s/<script>//;
    $r->print($querystring);   # html is NOT escaped...
  }

=head1 DESCRIPTION

=over 15

=item Note:

This code is derived from the I<Cookbook::TaintRequest> module,
available as part of "The mod_perl Developer's Cookbook".

=back

One of the harder problems facing web developers involves dealing with
potential cross site scripting attacks.  Frequently this involves many
calls to Apache::Util::escape_html().

This module aims to automate this tedious process.  It overrides the
print mechanism in the mod_perl Apache module.  The new print method
tests each chunk of text for taintedness.  If it is tainted we assume

TaintRequest.pm  view on Meta::CPAN

Copyright (c) 2001, Paul Lindner, Geoffrey Young, Randy Kobes.

All rights reserved.

This module is free software.  It may be used, redistributed
and/or modified under the same terms as Perl itself.

=head1 HISTORY

This code is derived from the I<Cookbook::TaintRequest> module,
available as part of "The mod_perl Developer's Cookbook".

For more information, visit http://www.modperlcookbook.org/

=cut