PHP - security etc

Paul Makepeace paulm at
Wed Mar 7 21:22:56 GMT 2007

On 3/7/07, David Dorward <david at> wrote:
> David Cantrell wrote:
> > Of course, one has to do the same when putting a web page together using
> > perl, don't you?
> Nope :)
> my $template_toolkit_config = {
>      INCLUDE_PATH => $data_path,
>      STASH => Template::Stash::EscapeHTML->new
> };

This didn't work nearly as well in practice as it appeared from
reading the tin. Have you actually used it in anger or is this a copy
& paste solution from another thread? The conclusion I got from
reading between lines on catalyst, templates, and is that
Perl just doesn't have decent HTML+template+escaping yet either.


More information about the mailing list