473,396 Members | 1,996 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > safe cgi parameter

Join Bytes to post your question to a community of 473,396 software developers and data experts.

safe cgi parameter

I'm trying to pass xml into a cgi script and have some problems because I both
want to escape all my inputs (to avoid the possibility of an html injection
attack) and also allow my xml to be obtained in its original form.

I thought of this

from xml.sax.saxutils import escape as xmlEscape
class SafeCgiParam(str):
def __new__(cls,v):
return str.__new__(cls,xmlEscape(v))
def __init__(self,v):
self.__raw__ = v
so
>>x=SafeCgiParam('a<&>b')
print x
a&lt;&amp;&gt;b
>>print x.__raw__
a<&>b
ie always wrap the value, but access to the original is possible via __raw__.

However, if you do anything like x.strip() the original is lost. I'm not sure
that's a bad thing, but I thought I would ask what others do for this problem.
--
Robin Becker

Jun 4 '07 #1
0 773
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
mail() - fifth parameter in SAFE MODE
by: Giobibo | last post by:
Hi. I want to send mail with the function mail(). I am on a shared server in SAFE MODE. When I send a mail I get the message: "SAFE MODE Restriction in effect. The fifth parameter is...
PHP
6
Is this public static method for reading files thread safe
by: GG | last post by:
Is this public static method thread safe. //Receives a file name as a parameter //and returns the contents of that file as a string public static string FileToStr(string fileName) { FileStream...
C# / C Sharp
11
Multi-threaded safe singleton class question
by: John Lee | last post by:
Hi, I like the C# implemention of singleton class presented at MSDN. My question is that is it correct or right thing to do to modify that class to make the class will return the same instance...
C# / C Sharp
8
Is this string input function safe?
by: ais523 | last post by:
I use this function that I wrote for inputting strings. It's meant to return a pointer to mallocated memory holding one input string, or 0 on error. (Personally, I prefer to use 0 to NULL when...
C / C++
4
Elegant, clean and safe way of having multiple concurent parameters in a dbCommand
by: arak123 | last post by:
consider the following oversimplified and fictional code public void CreateInvoices(Invoice invoices) { IDbCommand command=Util.CreateDbCommand(); foreach(Invoice invoice in invoices) //lets...
C# / C Sharp
5
Make a Base64 string Url Safe
by: Rasmus | last post by:
In a asp.net site i need to make a url link like this:...
.NET Framework
5
How to make Base64 string url safe
by: Rasmus | last post by:
In a asp.net site i need to make a url link like this:...
ASP.NET
7
how safe is this mapping
by: Tom | last post by:
I create a object in function foo and then I pass the reference of the object to function bar like this void foo() { class_foo myFoo(); bar(myFoo); } void bar(class_foo& object)
C / C++
1
Compressing a string with URL safe characters
by: Gerry Vandermaesen | last post by:
Hi all, What would be the best way to encode and optimally also compress a long string with URL unsafe characters to be passed as a GET parameter? Example string: ...
PHP
0
Adding binaries to source safe
by: WebSnozz | last post by:
I would like to add my binaries from the Release directory of several projects to source safe. My hope is that I can get latest, build the project, and then check-in so that the binaries are...
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!