On Mar 27, 2008, at 8:19 AM, Alex Teslik wrote:
> Yes, you are forgetting all the closing tags
Ah! You are right.
Anything else?
I'll have to check the docs to see if I can't apply a filter to the
template after being filled out - it would be fun to then re-set the
tags I just broke.
>J
On Mar 27, 2008, at 8:19 AM, Alex Teslik wrote:
> Yes, you are forgetting all the closing tags.
>
> Another option would be to just eval the code as passed to a test HT
> object.
> If it breaks HT you can catch it from the eval.
>
> HTH,
> Alex
>
>
> On Thu, 27 Mar 2008 04:43:41 -0600, Justin Simoni wrote
>> Here's one for everyone:
>>
>> I'm receiving data from $Untrusted_Source, that may have malicious
>> code, in the form of H::T tags that I'd like to simply sanitize by
>> munging it enough that it won't parse when run through H::T, but
>> won't *break* H::T as well.
>>
>> Can anyone think of a simple-ish regex to do this? Something like:
>>
>> my $untrusted = <STDIN>; # (or, where ever)
>> $untrusted =~ s{<!-- tmpl_}{<!-- BREAK tmpl_}gi;
>> $untrusted =~ s{<tmpl_}{<BREAK tmpl_}gi;
>>
>> That may be all there is to it - am I missing some menacing edge
>> case?
>>
>> --
>>
>> Justin Simoni
>>
>> http://justinsimoni.com :: Art Portfolio
>>
>> -------------------------------------------------------------------------
>> Check out the new SourceForge.net Marketplace.
>> It's the best place to buy or sell services for
>> just about anything Open Source.
>> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
>> _______________________________________________
>> Html-template-users mailing list
>> Html-template-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/html-template-users
>
>
> -------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
> _______________________________________________
> Html-template-users mailing list
> Html-template-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/html-template-users
>
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Html-template-users mailing list
Html-template-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/html-template-users
