Line: 4 to 4 | ||||||||
---|---|---|---|---|---|---|---|---|
system functions, or handling of file names, should be brokered by this object. | ||||||||
Added: | ||||||||
> > | NOTE: TWiki creates a singleton sandbox that is shared by all TWiki runs under a single mod_perl instance. If any TWiki run modifies the sandbox, that modification will carry over in to subsequent runs. Be very, very careful! | |||||||
On this page:
| ||||||||
Line: 15 to 20 | ||||||||
Added: | ||||||||
> > | ObjectMethod finish ()Break circular references. | |||||||
StaticMethod untaintUnchecked ($string) -> $untaintedUntaints $string without any checks (dangerous). If $string is |
Line: 26 to 26 | ||||||||
---|---|---|---|---|---|---|---|---|
StaticMethod normalizeFileName ($string) -> $filename | ||||||||
Changed: | ||||||||
< < | STATIC Errors out if $string contains filtered characters. | |||||||
> > | Errors out if $string contains filtered characters. | |||||||
The returned string is not tainted, but it may contain shell metacharacters and even control characters. | ||||||||
Added: | ||||||||
> > | StaticMethod sanitizeAttachmentName ($fname) -> ($fileName,$origName)Given a file name received in a query parameter, sanitise it. Returns the sanitised name together with the basename before sanitisation. Sanitisation includes filtering illegal characters and mapping client file names to legal server names. | |||||||
ObjectMethod sysCommand ($template,@params) -> ($data,$exit)Invokes the program described by $template |
Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Added: | ||||||||
> > | Package
This object provides an interface to the outside world. All calls to
system functions, or handling of file names, should be brokered by
this object.
|