> -----Original Message-----
> From: Connie Chan [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 16, 2002 11:38 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: How fatalsToBrowser works ?
>
>
> I am on a Win32 system, and I use the fatalsToBrowser to
> prompt errors
> with some scripts. However, the error mesg will also prompt
> where exactly
> the file(script) is located. In case, I don't want the full
> path is exposed.
> Can I modify sth , perhaps regex s///, to mask the root path ?
>
> like :
> File not found : html/log/connie.txt at
> C:\WWWroot\CGI-ALL\index.pl line 12.
>
> is better be masked as :
> File not found : html/log/connie.txt at /index.pl line 12.
Why is revealing the full path to your script risky? What could a bad guy do
with that information? If you're concerned about that, using fatalsToBrowser
is probably a bad idea.
If you really want to munge the message, you could subclass CGI::Carp and
install your munger in front of the call to CGI::Carp::die in the
$SIG{__DIE__} handler.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
