[Catalyst] {OT] protecting against attacks with multilingual input
Joel Bernstein
joel at fysh.org
Tue Dec 5 13:25:17 GMT 2006
On Tue, Dec 05, 2006 at 02:11:27PM +0100, Daniel McBrearty wrote:
> hmmm ... I'll start here ...
>
> http://www.perl.com/doc/manual/html/pod/perllocale.html
Read perllocale, perlre (the section on \w and \W escapes for
word/non-word characters) and locale.
You will need the correct locales compiled on your system for every
language and input method you want to support - IIRC these can take up
quite some disk space so there is a concommitant cost associated with
handling the different languages, but I don't recall it being enormous.
To be honest the one-off cost of compiling the locales is the only real
downside of this approach that I can see.
/joel
More information about the Catalyst
mailing list