[Tutor] Untainting CGI parameters
Alan G
alan.gauld at freenet.co.uk
Thu Aug 11 00:04:33 CEST 2005
> I would like to untaint all parameters with which my CGI script is
> called. Example:
Can you explain 'untaint'??? Not a term I'm familiar with...
> if parameters.has_key('type'):
> match = re.search('\w+', parameters['type'].value)
> type = match.group()
> else: type = 'page'
I Python "it's better to ask forgiveness than permission" so...
try:
type = re.search('\w+', parameters['type'].value).group()
except KeyError: type = 'page'
HTH,
Alan G
Author of the Learn to Program web tutor
http://www.freenetpages.co.uk/hp/alan.gauld
More information about the Tutor
mailing list