mailing list archives
Re: Sendpage (Perl CGI) Remote Execution Vulnerability
From: Seth Arnold <sarnold () wirex com>
Date: Wed, 28 Nov 2001 12:59:30 -0800
On Wed, Nov 28, 2001 at 09:24:30AM +0000, John Imrie wrote:
$message =~ s/[^\w\s]//g;
$message =~ s/[^A-Za-z0-9]//g;
Note that these two are almost identical in the default locale, but the
first version also allows whitespace (maybe useful :) and more
international-friendly characters such as: áîåïéáð ....
"Soldiers quartered in a populous town will always occasion two mobs
where they prevent one. They are wretched conservators of the peace."
-- John Adams