[Tutor] Untainting CGI parameters
Jan Eden
lists at janeden.org
Wed Aug 10 17:56:25 CEST 2005
Hi,
I would like to untaint all parameters with which my CGI script is called. Example:
if parameters.has_key('type'):
match = re.search('\w+', parameters['type'].value)
type = match.group()
else: type = 'page'
In Perl, I used the ternary operator to write it like this:
my $type = ($parameters{type} && ($parameters{type} =~ /^(\w+)$/)) ? $1 : 'page';
While this is not the most beautiful code to look at, I have a weakness for compact programs - so can I shorten the Python equivalent somehow?
Thanks,
Jan
--
A good programmer is someone who looks both ways before crossing a one-way street. - Doug Linder
More information about the Tutor
mailing list