[Koha-bugs] [Bug 30997] "CGI::param called in list context" warning in detail.pl flooding error log
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Jun 21 10:55:48 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30997
--- Comment #5 from Andrew Nugged <nugged at gmail.com> ---
sidenote to David:
authors of CGI.pm decided to "warn only once" that's why Plack restart helps:
it starts from again "$LIST_CONTEXT_WARN == 1".
from CGI.pm source in sub param:
if ( wantarray && $LIST_CONTEXT_WARN == 1 ) {
my ( $package, $filename, $line ) = caller;
if ( $package ne 'CGI' ) {
$LIST_CONTEXT_WARN++; # only warn once
warn "CGI::param called in list context from $filename
line $line, this can lead to vulnerabilities. "
. 'See the warning in "Fetching the value or
values of a single named parameter"';
}
}
Petro: Maybe the commit explanation might be expanded with the note "on freshly
started plack because this wards suppressed later by CGI.pm"
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list