[Catalyst] Re: mod_perl converts latin1 to utf8 !?

Aristotle Pagaltzis pagaltzis at gmx.de
Mon Dec 22 23:55:43 GMT 2008

* Jonathan Rockway <jon at jrock.us> [2008-12-22 22:00]:
>   my $data = Encode::decode('utf8', $raw_data);
>   process($data);
>   print Encode::encode('utf8', $data);

Use `UTF-8`, not `utf8`. The lowercase non-dash version will
perform purely the integer representation conversion but will
not do any validity checks, such as whether an octet sequence
actually decodes to a valid codepoint or if it is even well-
formed, so it could be used to hide XSS or other injection

It’s annoying that Perl makes the lazy choice the wrong one.

Aristotle Pagaltzis // <http://plasmasturm.org/>

More information about the Catalyst mailing list