=head1 NAME
-perlfaq9 - Networking ($Revision: 1.15 $, $Date: 1997/03/25 18:17:20 $)
+perlfaq9 - Networking ($Revision: 1.17 $, $Date: 1997/04/24 22:44:29 $)
=head1 DESCRIPTION
=head2 How do I extract URLs?
-A quick but imperfect approach is
+A quick but imperfect approach is
#!/usr/bin/perl -n00
# qxurl - tchrist@perl.com
}gsix;
This version does not adjust relative URLs, understand alternate
-bases, deal with HTML comments, or accept URLs themselves as
-arguments. It also runs about 100x faster than a more "complete"
-solution using the LWP suite of modules, such as the
+bases, deal with HTML comments, deal with HREF and NAME attributes in
+the same tag, or accept URLs themselves as arguments. It also runs
+about 100x faster than a more "complete" solution using the LWP suite
+of modules, such as the
http://www.perl.com/CPAN/authors/Tom_Christiansen/scripts/xurl.gz
program.
=head2 How do I fetch an HTML file?
-Use the LWP::Simple module available from CPAN, part of the excellent
-libwww-perl (LWP) package. On the other hand, and if you have the
-lynx text-based HTML browser installed on your system, this isn't too
-bad:
+One approach, if you have the lynx text-based HTML browser installed
+on your system, is this:
$html_code = `lynx -source $url`;
$text_data = `lynx -dump $url`;
+The libwww-perl (LWP) modules from CPAN provide a more powerful way to
+do this. They work through proxies, and don't require lynx:
+
+ # print HTML from a URL
+ use LWP::Simple;
+ getprint "http://www.sn.no/libwww-perl/";
+
+ # print ASCII from HTML from a URL
+ use LWP::Simple;
+ use HTML::Parse;
+ use HTML::FormatText;
+ my ($html, $ascii);
+ $html = get("http://www.perl.com/");
+ defined $html
+ or die "Can't fetch HTML from http://www.perl.com/";
+ $ascii = HTML::FormatText->new->format(parse_html($html));
+ print $ascii;
+
=head2 how do I decode or create those %-encodings on the web?
Here's an example of decoding:
->new(DB => "/foo/.htpasswd")
->add($username => $password);
+=head2 How do I make sure users can't enter values into a form that cause my CGI script to do bad things?
+
+Read the CGI security FAQ, at
+http://www-genome.wi.mit.edu/WWW/faqs/www-security-faq.html, and the
+Perl/CGI FAQ at
+http://www.perl.com/CPAN/doc/FAQs/cgi/perl-cgi-faq.html.
+
+In brief: use tainting (see L<perlsec>), which makes sure that data
+from outside your script (eg, CGI parameters) are never used in
+C<eval> or C<system> calls. In addition to tainting, never use the
+single-argument form of system() or exec(). Instead, supply the
+command and arguments as a list, which prevents shell globbing.
+
=head2 How do I parse an email header?
For a quick-and-dirty solution, try this solution derived
(say, Bill Clinton or your postmaster), and then makes sure that the
hostname given can be looked up in DNS. It's not fast, but it works.
+Here's an alternative strategy used by many CGI script authors: Check
+the email address with a simple regexp (such as the one above). If
+the regexp matched the address, accept the address. If the regexp
+didn't match the address, request confirmation from the user that the
+email address they entered was correct.
+
=head2 How do I decode a MIME/BASE64 string?
The MIME-tools package (available from CPAN) handles this and a lot
Copyright (c) 1997 Tom Christiansen and Nathan Torkington.
All rights reserved. See L<perlfaq> for distribution information.
+
projects / p5sagit/p5-mst-13.2.git / blobdiff