我在我的CGI.pm中尝试了下面的所有验证,以检查我的EVENT_PARAMETERS是否包含任何不需要的字符。 但什么都没成功。在perl中有没有其他方法可以验证CGI EVENT_PARAMETERS是否可以抵御xss攻击?sub string_param{ #my local function in cgi.pm to validate the parameter push( @cooked, $val );
# return
所以,在我的a.cgi脚本中: # Value for $flag is undefined, if this script is run under# END block code only executed when process to handle a.cgi exit.# I wish to execute some code, just before process to handle a.cgi exit.if ($flag) {
# clean up code
我试着用cgi脚本来运行perlscript。但是,包含perl的cgi库不起作用:Can't locate CGI/Carp.pm in @INC (you may need to install the CGI::Carp module) (@INC contains: /etc/perl /usr/local/lib