author | Karl Williamson <public@khwilliamson.com> | 2014-02-19 09:36:39 -0700 |
---|---|---|
committer | Karl Williamson <public@khwilliamson.com> | 2014-02-19 10:41:02 -0700 |
commit | 18512f39426552e29d41a84a0ee5636d24f7ad84 (patch) | |
tree | febb34daa8d71ef4643280ce511981d836666fd5 /pod/perlsec.pod | |
parent | 215554907820e516fc559dea0dba9cc33d63e205 (diff) | |
download | perl-18512f39426552e29d41a84a0ee5636d24f7ad84.tar.gz |
perlsec: Nit
Diffstat (limited to 'pod/perlsec.pod')
-rw-r--r-- | pod/perlsec.pod | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/pod/perlsec.pod b/pod/perlsec.pod index e480cb3e69..703bd46561 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -183,8 +183,9 @@ But testing for taintedness gets you only so far. Sometimes you have just to clear your data's taintedness. Values may be untainted by using them as keys in a hash; otherwise the only way to bypass the tainting mechanism is by referencing subpatterns from a regular expression match. -Perl presumes that if you reference a substring using $1, $2, etc., that -you knew what you were doing when you wrote the pattern. That means using +Perl presumes that if you reference a substring using $1, $2, etc. in a +non-tainting pattern, that +you knew what you were doing when you wrote that pattern. That means using a bit of thought--don't just blindly untaint anything, or you defeat the entire mechanism. It's better to verify that the variable has only good characters (for certain values of "good") rather than checking whether it |
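Review bot: the inserted phrase "in a non-tainting pattern" is the only thing that tells the reader captures from some patterns do not untaint, but nothing in this hunk says what makes a pattern tainting; since the surrounding sentence ("the only way to bypass the tainting mechanism is by referencing subpatterns from a regular expression match") still presents capture groups as unconditionally untainting, consider either naming the cases this is meant to exclude (for instance matches performed under `use locale`, or with `use re 'taint'` in effect) or pointing to the section that describes them, so the qualifier is not left dangling. On presentation, the added line break leaves "non-tainting pattern, that" as a one-phrase line with the following line running long; reflow the paragraph, e.g. "Perl presumes that if you reference a substring using $1, $2, etc. in a" / "non-tainting pattern, that you knew what you were doing when you wrote" / "that pattern. That means using a bit of thought--...", so the pod keeps the wrapping used by the rest of the file.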