[Catalyst] user input is evil : validation vis a vis taint checking

Len Jaffe lenjaffe at jaffesystems.com
Wed May 3 23:13:22 CEST 2006

We don't do much discussion of CGI parameter taint
checking any more... Did we as a web development
community reach a consensus while I was in the

Is the use of a FormValidator-esqe module tantamount
to sufficiently checking the taintedness of user
input, or are we *just* not talking about it anymore?


More information about the Catalyst mailing list