develooper Front page | perl.perl5.porters | Postings from December 2012

Re: CERT Perl Secure Coding Standard

Thread Previous | Thread Next
David Nicol
December 8, 2012 08:19
Re: CERT Perl Secure Coding Standard
Message ID:
On Fri, Dec 7, 2012 at 8:41 AM, demerphq <> wrote:
> Anybody seen this?

I'd like to take this opportunity to promote Tie::Function as an
elegant way to prevent all sorts of quoting injections. Url-encoding,
HTML Entitization, SQL quoting, and SQL identifier quoting can all
have their own hashes tied to Tie::Function, and then auditing against
injection attacks becomes very straightforward, and no data need be
quoted prior to use.

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About