Quote: Finding vulnerabilities in core modules is not enough. I need to prove there are problems in the most fundamental aspects of the Perl language, or the Perl community will keep ignoring the language's many issues.
...
and we are going to analyze it in a presentation filled with lolz, WATs, and 0-days, so maybe this time something will change
...
Quote: it's illogical, therefore it's bad design
Quote: I didn't know it, therefore it's wrong
Code:
if (my @fh_list = $cgi->upload('upload_file')) {
    for my $fh (@fh_list) {
        while (<$fh>) {
            # ...
        }
    }
}
if ( my $io_handle = $q->upload('field_name') ) {
    # read from $io_handle here
}
Guest janus: As it stands, the file can only be read in 1-byte steps, and once the boundary has been detected, the accumulated binary data has to be truncated again.
Code:
if (my $temp = $cgi->upload('upload')) {
    local $/ = undef;
    $var = <$temp>;
}
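As an added example (my own code, not code from this thread or from the CGI.pm documentation), here is the third way to consume an upload handle: fixed-size binary reads with an overall body cap, which avoids both the 1-byte reads janus describes and slurping the whole file into memory with `$/ = undef`. The 10 MiB limit and the field name `upload_file` are assumptions.

```perl
#!/usr/bin/perl
# Added example: reading a CGI.pm upload in bounded, fixed-size binary chunks.
use strict;
use warnings;
use CGI;

# Reject oversized request bodies before CGI.pm spools them to disk
# (assumed limit: 10 MiB).
$CGI::POST_MAX = 10 * 1024 * 1024;

my $cgi = CGI->new;

# cgi_error() is set when the body exceeded POST_MAX or could not be read;
# in that case no parameters are available and we answer with that status.
if ( my $err = $cgi->cgi_error ) {
    print $cgi->header( -status => $err );
    print "request rejected: $err\n";
    exit;
}

# In scalar context upload() returns the first handle for the field, or undef.
my $fh = $cgi->upload('upload_file');
unless ( defined $fh ) {
    print $cgi->header( -status => '400 Bad Request' );
    print "no file uploaded\n";
    exit;
}

# CGI.pm has already stripped the multipart boundary: the handle points at a
# temp file holding only the part's body, so it can be read as opaque bytes.
binmode $fh;
my ( $buf, $total, $chunks ) = ( '', 0, 0 );
while ( my $n = read( $fh, $buf, 64 * 1024 ) ) {    # 64 KiB per read, not 1 byte
    $total  += $n;
    $chunks += 1;
    # process $buf here, e.g. feed it to a digest or append it to the final file
}
close $fh;

print $cgi->header('text/plain');
print "received $total bytes in $chunks chunks\n";
```

Because the handle is a spooled temp file rather than the raw socket, a line-oriented `while (<$fh>)` over a binary upload is never needed; `read` with a chunk size keeps memory flat regardless of file size, and `$CGI::POST_MAX` bounds what ends up on disk in the first place.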
2016-01-03T21:35:29 pq: ARGV is part of the CGI specification.
Quote: the ... server MUST NOT generate any command line information.
Guest wer: Yes, exactly, and before 2004 there were no CGI scripts.
It was developed for the "original web server" NCSA HTTPd and in that form was a de facto standard for a long time without an RFC.
Originally it was intended for shell scripts, which have only limited parsing capabilities. Hence the optional passing via @ARGV.
Quote: Some systems support a method for supplying an array of strings to
the CGI script. This is only used in the case of an 'indexed' HTTP
query, which is identified by a 'GET' or 'HEAD' request with a URI
query string that does not contain any unencoded "=" characters. For
such a request, the server SHOULD treat the query-string as a
search-string and parse it into words, using the rules
Code:
search-string = search-word *( "+" search-word )
search-word   = 1*schar
schar         = unreserved | escaped | xreserved
xreserved     = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "," | "$"
After parsing, each search-word is URL-decoded, optionally encoded in
a system-defined manner and then added to the command line argument
list.
If the server cannot create any part of the argument list, then the
server MUST NOT generate any command line information. For example,
the number of arguments may be greater than operating system or
server limits, or one of the words may not be representable as an
argument.
The script SHOULD check to see if the QUERY_STRING value contains an
unencoded "=" character, and SHOULD NOT use the command line
arguments if it does.
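As an added example (my own code, not from this thread and not a description of how any particular server or CGI.pm implements it), the following script carries out both halves of the RFC 3875 passage quoted above: the server-side split of an "indexed" query into search-words, and the script-side SHOULD check that discards @ARGV whenever QUERY_STRING contains an unencoded "=". The sample query strings are constructed.

```perl
#!/usr/bin/perl
# Added example: the two halves of RFC 3875 section 4.4, the script command line.
use strict;
use warnings;

# Server side: turn an indexed query (no unencoded "=") into the argument list
# the server would hand to the script. Returns undef for a non-indexed query,
# mirroring the rule that no command line is generated in that case.
sub indexed_query_to_args {
    my ($query) = @_;
    return undef if !defined $query || $query =~ /=/;
    my @args;
    for my $word ( split /\+/, $query, -1 ) {
        next if $word eq '';    # search-word = 1*schar, so empty words are dropped
        ( my $decoded = $word ) =~ s/%([0-9A-Fa-f]{2})/chr hex $1/ge;    # URL-decode
        push @args, $decoded;
    }
    return \@args;
}

# Script side: the SHOULD check. Use the command line only when QUERY_STRING
# has no unencoded "=" character; otherwise ignore @ARGV entirely.
sub script_args {
    my ( $query_string, @argv ) = @_;
    return () if defined $query_string && $query_string =~ /=/;
    return @argv;
}

# Constructed sample query strings (not captured requests).
my @samples = (
    'perl+cgi',       # indexed: two search-words
    'a%3Db+c',        # indexed: "=" is percent-encoded, first word decodes to "a=b"
    'name=value',     # not indexed: ordinary form data, no command line at all
);

for my $q (@samples) {
    my $args = indexed_query_to_args($q);
    my @argv = defined $args ? @{$args} : ();
    my @used = script_args( $q, @argv );
    printf "%-12s server args: [%s]  script uses: [%s]\n",
        $q, join( ', ', @argv ), join( ', ', @used );
}
```

Running it shows the asymmetry the RFC builds in: the server decides whether to populate the command line from the raw query, while the script re-checks QUERY_STRING itself rather than trusting that @ARGV was only filled for an indexed request; both checks key on the same unencoded "=" test.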
Joel Berger: Given the embarrassing talk that Netanel Rubin gave last year, in which he chose not to learn a language and then laugh at it for the mistakes he made, I'm surprised I have to respond to yet another of his talks. ...
This year Netanel found two things and ran with them past the point of absurdity.
Larry Wall: You can program in Perl Baby-Talk, and we promise not to laugh. Or more precisely, we promise not to laugh any more than we'd giggle at a child's creative way of putting things.