[mod_python] Publisher and form data validation?

Steve Bergman steve at rueb.com
Sat Sep 24 09:59:21 EDT 2005


How much does the publisher do with respect to data validation?

e.g. Does it insure that the data returned from a form field consists 
entirely of printable characters, or is that my responsibility?

If so, is there a prefered way to do it.  The method I'm using (lifted 
from the "Python Cookbook") seems a bit convoluted:

from string import maketrans, translate, printable
allchars = maketrans('','')
delchars = translate(allchars, allchars, printable)
input_string = translate(input_string, allchars, delchars)

It seems like there would be a simple function or method to do this kind 
of basic input data sanitization, but I can't seem to find it.

Other than checking lengths and printablility, what other security 
checks are good practice?

Thanks,
Steve Bergman


More information about the Mod_python mailing list