[HOME] [github] [twitter] [blog] [fml4] [fml8] [北海道] Powered by NetBSD and [nuinui.net] .

Restrict Input Data

Table of Contents
Overview: Checks Of Input Data
FML::Restriction Class
How CGI Restricts The Input
Discussion: FML::Restriction Is Too Restrictive ?

fml8 checks the input by regular expression FML::Restriction class provides.

Overview: Checks Of Input Data

Restriction For Article Posting

Restrictions for article are ambiguous or too restrictive. In fact FML::Restriction class does not provide restriction rules for article posting.

Instead FML::Filter filter system checks each line of content.

Restrictions For Command Mail

FML::Process::Command class parses each line of the command mail and checks the input by regular expressions FML::Restriction::Command provides. If the check is passed, fml8 calls FML::Command::{User,Admin}::COMMAND at the next step.


CGI programs can receive the input from HTTP via only safe_param_XXX() method.

It is expected that safe_param_*() and try_cgi_*() returns the safe value.

These safe_param_XXX() functions checks the input by regular expressions FML::Restriction::CGI provides (FML::Restriction::CGI inherits FML::Restriction::Base).

makefml / fml

CUI runs on the shell. It means he/she who runs CUI has priviledge to log in the mailing list server. So it does not check the input.

Each module checks the input independetly in that case though no checks by FML::Restriction at the entrance. For example, "adduser" module checks whether the input address is valid or not even in the case of CUI. These restrictions are dependent command specific modules. These are applied even in the case of CUI.

[HOME] [github] [twitter] [blog] [fml4] [fml8] [北海道] Powered by NetBSD and [nuinui.net] .
Copyright (C) 1993-2022 Ken'ichi Fukamachi mail:< fukachan at fml.org >