On Thu, 25 Feb 2010 17:51:40 -0600
P Kishor <[email protected]> wrote:
> following Mark Stosberg's email about PSGI, I decided to poke around a
> bit more, and landed up with Dancer. Color me very impressed.
>
> Seriously, I have seldom experienced such easy *everything*. Almost
> instant installation via 'sudo cpan Dancer', a simple 'dancer -a
> myapp', and I had a working, nice looking application framework [*]
> with nice URIs and ev'ryting.
>
> So, my question is thus -- how is Dancer different from CGI::App, and
> why should I use the latter instead of the former? I asked this not
> lightly because I have many years of experience invested in C::A, but
> Dancer truly shows how apps should be.
I had already looked at Dancer myself. As a result, you can see these
entries in the Dancer ChangeLog:
* Security Fix: protection from CRLF injection in
response headers (thanks to Mark Stosberg for the report).
* Support for multi-valued params in GET/POST data (thanks to
Mark Stosberg for the report).
So, in a short review, I found that it lacked support for multi-valued
params, and that it had a notable security hole. If you look into it
deeper, what else might you find?
I think it has some nice points, too, but it's not worth switching to
something so new from something proven from years of use to be stable
and reliable.
Mark
##### CGI::Application community mailing list ################
## ##
## To unsubscribe, or change your message delivery options, ##
## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ##
## ##
## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ##
## Wiki: http://cgiapp.erlbaum.net/ ##
## ##
################################################################
