Re: Secure Form Script?
From: Stephen Samuel (samuel_at_bcgreen.com)
Date: 05/14/04
- Previous message: Stephen Samuel: "Re: Secure Form Script?"
- Maybe in reply to: Victor Daniel a.k.a the MacNut: "Secure Form Script?"
- Next in thread: Runion Mark A FGA DOIM WEBMASTER(ctr): "RE: Secure Form Script?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 14 May 2004 13:54:14 -0700 To: Bryce Porter <bporter@heart.net>
In this case, I'm presuming that the destination address is fixed.
The only input data on the header is the subject line, and that's pretty easy
to sanitize.
For the most part I'd agree that using something like Net::SMTP is
a good ida, but what do you see as the issues with calling sendmail
from a script?
Bryce Porter wrote:
> Or you can write your own script in Perl (or your language of choice)
> that accepts a single To: parameter from an html form and runs the input
> through a regular expression to "cleanse" the data. Then, perform the
> actual sending using something like Net::SMTP, et. al. Never interface
> directly with the sendmail binary, and never use a script that does. Let
> me know if you need some help.
-- Stephen Samuel +1(604)876-0426 samuel@bcgreen.com http://www.bcgreen.com/~samuel/ Powerful committed communication. Transformation touching the jewel within each person and bringing it to light.
- Previous message: Stephen Samuel: "Re: Secure Form Script?"
- Maybe in reply to: Victor Daniel a.k.a the MacNut: "Secure Form Script?"
- Next in thread: Runion Mark A FGA DOIM WEBMASTER(ctr): "RE: Secure Form Script?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
