Skip Menu |
 

This queue is for tickets about the CGI-Application CPAN distribution.

Report information
The Basics
Id: 1926
Status: resolved
Priority: 0/
Queue: CGI-Application

People
Owner: MARKSTOS [...] cpan.org
Requestors:
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 2.6
Fixed in: (no value)



Subject: sub dump_html has bugs (non-escaped HTML ...)
Download (untitled) / with headers
text/plain 882b
CGI has a Dump method, which will do SWEET dumping, and all the values are properly escaped (escapeHTML). If you still want the values to be sorted, you can simply rip-off 'sub Dump' from CGI.pm and adjust it accordingly. sub dump_html should look something like the following. sub dump_html { my $self = shift; my $output = ''; my $q = $self->query; # Dump Params $output .= "<P>\nQuery Parameters:<BR>\n"; $output .= $q->Dump()."\n"; # Dump ENV $output .= "<P>\nQuery Environment:<BR>\n<OL>\n"; foreach my $ek (sort(keys(%ENV))) { $output .= "<LI> $ek => '<B>" . $q->escapeHTML( $ENV{$ek} ) . "</B>'\n"; } $output .= "</OL>\n"; return $output; } You should probably escapeHTML($ek) as well (you never know)
That's my bug report there (i logged out -- stupid browser )


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.