Start using sanitized &My::Web::escapeHTML instead of: &CGI::escapeHTML

diff --git a/Contact.pm b/Contact.pm
index 93785be..296ae8c 100644 (file)
--- a/Contact.pm
+++ b/Contact.pm
@@ -25,7 +25,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 Wrequire 'resume::ResumeJanKratochvil';
 use Carp qw(confess cluck);
 

diff --git a/Mailman.pm b/Mailman.pm
index 3b5f39d..ae78117 100644 (file)
--- a/Mailman.pm
+++ b/Mailman.pm
@@ -25,7 +25,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 use URI::Escape;
 require LWP::Simple;
 

diff --git a/WebConfig.pm b/WebConfig.pm
index 67c2d9b..a3421bd 100644 (file)
--- a/WebConfig.pm
+++ b/WebConfig.pm
@@ -32,7 +32,6 @@ use vars qw(@ISA @EXPORT);
 @EXPORT=qw(%WebConfig);
 
 use My::Web;
-require CGI;
 
 
 my $resume_url="/resume/Resume-JanKratochvil.pm/Resume-JanKratochvil.html";
@@ -45,7 +44,7 @@ our %WebConfig=(
                                return My::Web::a_href("http://www.jankratochvil.net/","Jan Kratochvil") if 0
                                                || $name eq "short"
                                                || $name eq "lace";
-                               return CGI::escapeHTML($name);
+                               return escapeHTML($name);
                        },
                "viewcvs"=>"http://cvs.jankratochvil.net/viewcvs/www/www.jankratochvil.net/",
                "title_prefix"=>"Jan Kratochvil",

diff --git a/etmms/Index.pm b/etmms/Index.pm
index eb7e12b..cbaea86 100644 (file)
--- a/etmms/Index.pm
+++ b/etmms/Index.pm
@@ -25,7 +25,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 Wrequire 'project::Lib';
 
 

diff --git a/project/Lib.pm b/project/Lib.pm
index e48b92a..348cd38 100644 (file)
--- a/project/Lib.pm
+++ b/project/Lib.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 use Carp qw(cluck confess);
 
 use Exporter;
@@ -92,14 +91,14 @@ my($class,$ListItem)=@_;
                                                return "Download".$_[0];
                                                },
                                "format"=>sub ($) {
-                                               return a_href($_[0],CGI::escapeHTML(File::Basename::basename($_[0])),"size"=>2);
+                                               return a_href($_[0],escapeHTML(File::Basename::basename($_[0])),"size"=>2);
                                                }},
                {"key"=>qr(^link\b),"text"=>sub ($) {
                                                $_[0]=~s/^link-//;
                                                return $_[0];
                                                },
                                "format"=>sub ($) {
-                                               return($_[0]=~/^<a\b/ ? $_[0] : a_href($_[0],CGI::escapeHTML($_[0])));
+                                               return($_[0]=~/^<a\b/ ? $_[0] : a_href($_[0],escapeHTML($_[0])));
                                                }},
                {"key"=>qr(^cvs\b),"text"=>sub ($) {
                                                $_[0]=~s/^cvs//;
@@ -113,7 +112,7 @@ my($class,$ListItem)=@_;
                                                my $branch="";
                                                $branch=$1 if $val=~s/:(.*)//;
                                                return join("<br />\n\t\t",
-                                                               CGI::escapeHTML("cvs -d ".$W->{"pserver"}.":".$W->{"pserver_path"}." -z3"
+                                                               escapeHTML("cvs -d ".$W->{"pserver"}.":".$W->{"pserver_path"}." -z3"
                                                                                ." checkout".(!$branch ? "" : " -r $branch -kk")
                                                                                .($val!~m#/# ? "" : " -d ".File::Basename::basename($val))
                                                                                ." $val"),
@@ -128,9 +127,9 @@ my($class,$ListItem)=@_;
                {"key"=>"ownership","text"=>"Ownership"},
                {"key"=>"sponsorship","text"=>"Sponsorship"},
                {"key"=>"language","text"=>"Programming language","format"=>sub ($) {
-                               return a_href("http://java.sun.com/",CGI::escapeHTML($_[0]))
+                               return a_href("http://java.sun.com/",escapeHTML($_[0]))
                                                if $_[0]=~/^Java\b/;
-                               return a_href("http://www.php.net/",CGI::escapeHTML($_[0]))
+                               return a_href("http://www.php.net/",escapeHTML($_[0]))
                                                if $_[0]=~/^PHP\b/;
                                return undef();
                                }},

diff --git a/project/PerlMail/Index.pm b/project/PerlMail/Index.pm
index 9fbd8d4..23a1dd2 100644 (file)
--- a/project/PerlMail/Index.pm
+++ b/project/PerlMail/Index.pm
@@ -45,7 +45,7 @@ It supports @{[ a_href 'http://www.perl.org/','Perl' ]}-rules filtering, dynamic
 mobile SMS forwarding, @{[ a_href 'http://www.mutt.org/','Mutt' ]} integration,
 @{[ a_href 'http://www.nokia.com/phones/9110i','Nokia Communicator' ]} contacts directory integration.</p>
 <p>Use if you like: <span class="quote">
-       @{[ CGI::escapeHTML(q{store "=spam" if ($_=mimehead(body_first())->mime_attr("Content-Type")) && m#text/html#i;}) ]}
+       @{[ escapeHTML(q{store "=spam" if ($_=mimehead(body_first())->mime_attr("Content-Type")) && m#text/html#i;}) ]}
        </span></p>
 HERE
                );

diff --git a/project/captive/Resources.pm b/project/captive/Resources.pm
index 1af3c8d..7feb9ad 100755 (executable)
--- a/project/captive/Resources.pm
+++ b/project/captive/Resources.pm
@@ -68,7 +68,7 @@ print "<ul>\n";
        for (my @URLa=@URLs;@URLa;) {
                my $text=shift @URLa;
                my $url=shift @URLa;
-               print "\t<li>".a_href($url,CGI::escapeHTML($text))."</li>\n";
+               print "\t<li>".a_href($url,escapeHTML($text))."</li>\n";
                }
 print "</ul>\n";
 

diff --git a/project/captive/doc/APITypes.pm b/project/captive/doc/APITypes.pm
index e5a6658..826a272 100755 (executable)
--- a/project/captive/doc/APITypes.pm
+++ b/project/captive/doc/APITypes.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/About.pm b/project/captive/doc/About.pm
index 24fa819..4e5ef00 100755 (executable)
--- a/project/captive/doc/About.pm
+++ b/project/captive/doc/About.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Architecture.pm b/project/captive/doc/Architecture.pm
index d89ad5a..095d99c 100755 (executable)
--- a/project/captive/doc/Architecture.pm
+++ b/project/captive/doc/Architecture.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/CacheManager.pm b/project/captive/doc/CacheManager.pm
index c9728bf..c06e455 100755 (executable)
--- a/project/captive/doc/CacheManager.pm
+++ b/project/captive/doc/CacheManager.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/CallType.pm b/project/captive/doc/CallType.pm
index 16e14f4..82a4e87 100755 (executable)
--- a/project/captive/doc/CallType.pm
+++ b/project/captive/doc/CallType.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Components.pm b/project/captive/doc/Components.pm
index 1813e76..a3687f3 100755 (executable)
--- a/project/captive/doc/Components.pm
+++ b/project/captive/doc/Components.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Details.pm b/project/captive/doc/Details.pm
index 6e7633f..87af70b 100755 (executable)
--- a/project/captive/doc/Details.pm
+++ b/project/captive/doc/Details.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Index.pm b/project/captive/doc/Index.pm
index 5ddc4ff..1a5f536 100755 (executable)
--- a/project/captive/doc/Index.pm
+++ b/project/captive/doc/Index.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/LinuxNTFS.pm b/project/captive/doc/LinuxNTFS.pm
index df31dd8..5e5bbbc 100755 (executable)
--- a/project/captive/doc/LinuxNTFS.pm
+++ b/project/captive/doc/LinuxNTFS.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Macros.pm b/project/captive/doc/Macros.pm
index c247d6f..64b7bed 100755 (executable)
--- a/project/captive/doc/Macros.pm
+++ b/project/captive/doc/Macros.pm
@@ -31,7 +31,6 @@ our @EXPORT=qw(
 our @ISA=qw(Exporter);
 
 use My::Web;
-require CGI;
 Wrequire 'project::Lib';
 
 
@@ -97,7 +96,7 @@ sub productname
 {
 my($url,$name)=@_;
 
-       return '<span class="productname">'.a_href($url,CGI::escapeHTML($name)).'</span>';
+       return '<span class="productname">'.a_href($url,escapeHTML($name)).'</span>';
 }
 our($Wine,$ReactOS,$LinuxNTFS,$GnomeVFS,$GnomeVFSmodule,$gnulinux,$freespeech,$freebeer);
 

diff --git a/project/captive/doc/Related.pm b/project/captive/doc/Related.pm
index d9c68a0..9752028 100755 (executable)
--- a/project/captive/doc/Related.pm
+++ b/project/captive/doc/Related.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/captive/doc/Reverse.pm b/project/captive/doc/Reverse.pm
index f341909..cbff910 100755 (executable)
--- a/project/captive/doc/Reverse.pm
+++ b/project/captive/doc/Reverse.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler
@@ -142,7 +141,7 @@ print <<"HERE";
 
                        <blockquote class="command">
                                <p># Rename xpsp1sym_x86_chk.exe contents .pdb files for WinDbg<br />
-                               @{[ CGI::escapeHTML(q{for i in *.pdb*;do ext="`echo $i|sed 's/^.*\.pdb\.\(.*\)$/\1/'`";if [ "$i" = "$ext" ];then echo "BAD:$i";break;fi;base="`echo $i|sed 's/\(\.pdb\)\..*$/\1/'`";echo "md $ext";echo "move /-y $i $ext\\$base";done|sort -u|sed 's/$/'`echo -ne '\r'`'/g' >/tmp/rename.bat}) ]}</p>
+                               @{[ escapeHTML(q{for i in *.pdb*;do ext="`echo $i|sed 's/^.*\.pdb\.\(.*\)$/\1/'`";if [ "$i" = "$ext" ];then echo "BAD:$i";break;fi;base="`echo $i|sed 's/\(\.pdb\)\..*$/\1/'`";echo "md $ext";echo "move /-y $i $ext\\$base";done|sort -u|sed 's/$/'`echo -ne '\r'`'/g' >/tmp/rename.bat}) ]}</p>
                        </blockquote>
 
                        <p>The resulting <span class="command">rename.bat</span> for

diff --git a/project/captive/doc/TODO.pm b/project/captive/doc/TODO.pm
index 999ef03..afbc2e6 100755 (executable)
--- a/project/captive/doc/TODO.pm
+++ b/project/captive/doc/TODO.pm
@@ -24,7 +24,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 
 
 sub handler

diff --git a/project/postget/Index.pm b/project/postget/Index.pm
index 61f2181..11cea70 100644 (file)
--- a/project/postget/Index.pm
+++ b/project/postget/Index.pm
@@ -74,7 +74,7 @@ print <<"HERE";
        </li>
        <li>
                <p>Bookmark the following @{[ a_href 'http://freshmeat.net/','Freshmeat' ]} URL:
-                               @{[ CGI::escapeHTML(q{http://localhost/~lace/cgi-bin/postget.php?_postget=http%3A%2F%2Ffreshmeat.net%2Flogin%2F&url=%2F&username=YOUR_USERNAME&password=_priv_postget.freshmeat.net.pwd&persistent=1}) ]}
+                               @{[ escapeHTML(q{http://localhost/~lace/cgi-bin/postget.php?_postget=http%3A%2F%2Ffreshmeat.net%2Flogin%2F&url=%2F&username=YOUR_USERNAME&password=_priv_postget.freshmeat.net.pwd&persistent=1}) ]}
                </p>
                <p>(Replace <b>YOUR_USERNAME</b> with your @{[ a_href 'http://freshmeat.net/','Freshmeat' ]}
                account name.</p>

diff --git a/project/ssht/Index.pm b/project/ssht/Index.pm
index c654889..c3eb929 100644 (file)
--- a/project/ssht/Index.pm
+++ b/project/ssht/Index.pm
@@ -58,7 +58,7 @@ my $cvsfile=sub ($) {
 my($file)=@_;
 
        return a_href $W->{"project_viewcvs"}.'/*checkout*/ssht/hostintranet/etc-inittab?rev=HEAD',
-                       CGI::escapeHTML($file);
+                       escapeHTML($file);
 };
 
 print <<"HERE";

diff --git a/resume/ResumeJanKratochvil.pm b/resume/ResumeJanKratochvil.pm
index 413bff3..b1cbcfd 100644 (file)
--- a/resume/ResumeJanKratochvil.pm
+++ b/resume/ResumeJanKratochvil.pm
@@ -25,7 +25,6 @@ use strict;
 use warnings;
 
 use My::Web;
-require CGI;
 require Crypt::Rot13;
 Wrequire 'project::Lib';
 
@@ -290,7 +289,7 @@ if (lc($W->{"args"}{"referees"}) ne "referees") {
                        <hr />
                        <form method="post" action="@{[ uri_escaped(path_web $W->{"resume_url"}) ]}">
                                <p>Enter the word '<b>referees</b>' (without quotes) to disclose e-mail addresses:<br />
-                               <input type="text" size="15" name="referees" value="@{[ CGI::escapeHTML($W->{"args"}{"referees"}) ]}" /><br />
+                               <input type="text" size="15" name="referees" value="@{[ escapeHTML($W->{"args"}{"referees"}) ]}" /><br />
                                <input type="submit" value="Submit" /><br />
                                (spambot protection)</p>
                        </form>