Menu
▾
▴
#14 Deprecate ::env as much as possible and make it safer
I think that the use of env should be deprecated. It's
much
slower than normal variables, and it's got unintended
side effects from being a global.
I realise that, for cgi, there's no other way to pass
data into and back from the cgi code, but in that usage:
1) the env contents have to be protected against
interleaving,
2) the use of env should be restricted to places where it's
necessary ... I can think of cgi, but nowhere else.
3) the leakage of (potentially sensitive) information from
one invocation to the next is a bad thing, so env
should be cleaned up after use.