[dancer-users] Dancer::Plugin::Email taint

Sawyer X xsawyerx at gmail.com
Thu Feb 11 21:46:59 GMT 2016

Dancer::Plugin::Email uses Email::Sender. It has several transport
layers (configurable in Dancer::Plugin::Email). Even the one you could
be worried about, which is the "run the sendmail app" one, still seems
to be written safely:


So, doesn't seem like you need to worry about escaping such things as
command line applications and parameters.

On Sun, Feb 7, 2016 at 10:17 PM, Mike Cu <mike_cu80 at yahoo.com> wrote:
> When using the Dancer::Plugin::Email module,should you check the user input for tainted data? like for the classic rm -rf?
> _______________________________________________
> dancer-users mailing list
> dancer-users at dancer.pm
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users

More information about the dancer-users mailing list