[dancer-users] Dancer::Plugin::Email taint
xsawyerx at gmail.com
Thu Feb 11 21:46:59 GMT 2016
Dancer::Plugin::Email uses Email::Sender. It has several transport
layers (configurable in Dancer::Plugin::Email). Even the one you could
be worried about, which is the "run the sendmail app" one, still seems
to be written safely:
So, doesn't seem like you need to worry about escaping such things as
command line applications and parameters.
On Sun, Feb 7, 2016 at 10:17 PM, Mike Cu <mike_cu80 at yahoo.com> wrote:
> When using the Dancer::Plugin::Email module,should you check the user input for tainted data? like for the classic rm -rf?
> dancer-users mailing list
> dancer-users at dancer.pm
More information about the dancer-users