SourceForge has been redesigned. Learn more.
Close

#28 Remove interaction between variables and URL args

closed
nobody
5
2011-12-21
2011-04-19
No

Variables are passed to diff, ident, search and source scripts as varname=value while state information and requests are also passed as param=value.
If a variable is given the same name as a state information argument (e.g. showattic or raw), mayhem may result.

To avoid this potential problem, use a prefix for all internal URL args, e.g. a dot, and forbid that prefix in variable names.

Discussion

  • Andre-Littoz

    Andre-Littoz - 2011-12-21
    • labels: 332894 --> Browsing Interface
    • status: open --> closed
     
  • Andre-Littoz

    Andre-Littoz - 2011-12-21

    The interaction has been removed by prefixing all internal parameters with an underscore _.
    A new rule/restriction will be added to the documentation to forbid an initial underscore or dollar in variable names.

    The rationale for the dollar is the need to override user variable value without resorting to a script. At the next LXR invocation, sub httpinit will do the trick before relinquishing control to the specific script.

    Code is in CVS for the next release (0.10).

     

Log in to post a comment.