Skip Menu |

This queue is for tickets about the CGI-Untaint CPAN distribution.

Report information
The Basics
Id: 4377
Status: stalled
Priority: 0/
Queue: CGI-Untaint
People
Owner: Nobody in particular
Requestors: Paul.Makepeace [...] realprogrammers.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Nov 13 05:46:33 2003 Paul.Makepeace [...] realprogrammers.com - Ticket created
Date: Thu, 11 Sep 2003 01:46:26 +0100
From: Paul Makepeace <Paul.Makepeace [...] realprogrammers.com>
To: Tony Bowden <kasei [...] tmtm.com>
Subject: Re: CGI::Untaint + Apache::Request
Tony - I've noticed something quite bizarre (to me). With, my $form = Apache::Request->instance($r, DISABLE_UPLOADS => 1)->parms; my $h = CGI::Untaint->new({ INCLUDE_PATH => 'Corrobbo' }, $form); On 5.8.0/mod_perl this seems to have the effect that any assignments into $vals become immediately stringified (and thus useless): In new(), $vals = bless( { 'p' => '', 'projecttype' => 'brief', 'action' => 'submit', '__config' => 'HASH(0x8ac7144)' }, 'CGI::Untaint' ); Either doing, { %$form } or, in C::U, ref $_[0] eq "HASH" ? ($config, $vals) = ($_[0], {%{$_[1]}}) : $vals = {@_}; solves it. Presumably since you said you've been using apr->parms too you haven't seen this? I'm not sure if this is Apache::Table or something odder. Paul -- Paul Makepeace ....................................... http://paulm.com/ "If chocolate had no calories, then the fields will turn green in the Spring." -- http://paulm.com/toys/surrealism/
  Mon Dec 27 09:49:25 2004 TMTM [...] cpan.org - Correspondence added
I've only just found this again on rt.cpan... Sorry for the delay. Show quoted text
> I've noticed something quite bizarre (to me). With, > my $form = Apache::Request->instance($r, DISABLE_UPLOADS => 1)->parms; > my $h = CGI::Untaint->new({ INCLUDE_PATH => 'Corrobbo' }, $form); > > On 5.8.0/mod_perl this seems to have the effect that any assignments > into $vals become immediately stringified (and thus useless):
That is indeed rather bizarre. Show quoted text
> Presumably since you said you've been using apr->parms too > you haven't seen this? I'm not sure if this is Apache::Table or > something odder.
Are you still seeing this? It all seems to work fine for me. What version of Apache::Request is this with? Tony
  Mon Dec 27 09:49:26 2004 TMTM [...] cpan.org - Status changed from 'new' to 'stalled'