CGI::Untaint
Perl geeks only:
I didn’t know where to save this little tidbit just-in-case, so I chose here.
CGI::Untaint is great (especially with its cool subclasses) for untainting incoming CGI params, but what if you want to use it to untaint other variables that aren’t coming in as CGI params?
Do this:
# untaint
# stuff the variable into a CGI param
$cgiobject->param( -name=> 'remote_addr', -value=> $ENV{REMOTE_ADDR} );
# create an instance of a CGI::Untaint object
my $untaint = CGI::Untaint->new( $cgiobject->Vars );
# perform the untaint, in this case requiring printable characters
my $remote_addr = $untaint->extract(-as_printable => 'remote_addr');
