RE: [Templates] Limiting TT2's features
[prev]
[thread]
[next]
[Date index for 2004/10/05]
As someone pointed out to me recently, you also have to beware of arbitrary
code in regular expressions, like
perl -e 'my $txt = "howdy!";$txt =~ s@howdy@qx{ls -al /}@ge;print $txt'
I would be interested in ideas on how to avoid that as well.
Earl
-----Original Message-----
From: templates-admin@xxxxxxxxxxxxxxxx.xxx
[mailto:templates-admin@xxxxxxxxxxxxxxxx.xxx]On Behalf Of Chris Winters
Sent: Tuesday, October 05, 2004 10:58 AM
To: templates@xxxxxxxxxxxxxxxx.xxx
Subject: Re: [Templates] Limiting TT2's features
On Tue, 5 Oct 2004 12:54:26 -0400, Darren Chamberlain <dlc@xxxxxxxxx.xxx>
wrote:
> Template::Context. Just subclass Template::Context and implement your
> own include method. This has the advatange of changing the meaning of
> the INCLUDE directive, while not altering the grammar at all, so your
> users could still do:
Of course. You'd think I'd remember this since I wrote one of these already
:-)
http://cvs.sourceforge.net/viewcvs.py/openinteract/OpenInteract2/lib/OpenInt
eract2/TT2/Context.pm?rev=1.2&view=auto
Chris
--
Chris Winters (chris.winters@xxxxx.xxx)
Building enterprise-capable snack solutions since 1988.
_______________________________________________
templates mailing list
templates@xxxxxxxxxxxxxxxx.xxx
http://lists.template-toolkit.org/mailman/listinfo/templates
_______________________________________________
templates mailing list
templates@xxxxxxxxxxxxxxxx.xxx
http://lists.template-toolkit.org/mailman/listinfo/templates
 |
 |
RE: [Templates] Limiting TT2's features
Cahill, Earl 17:47 on 05 Oct 2004
|
