Re: Name for "EscapeCage"

Definitely belongs under String.  But I don't like Escape in the name,
how about String::Cage?

On 6/26/07, Mark P Sullivan <msulliva@xxxxxxxx> wrote:
> I have written a (proof of concept of a) module which I think should be
> shared through CPAN.  Since I'm giving a lightning talk on it tomorrow
> at YAPC::NA, now seems like an ideal time to actually share it.
>
> Descriptive short blurb:
>
>         The String::EscapeCage module puts dangerous strings in a cage.
>         It eases escaping to various encodings, helps developers track
>         what data are dangerous, and prevents injection attacks.
>
> Descriptive moderately-sized blurb:
>
>         After the "cage" function cages a string, the "uncage" method
>         releases it and "escapehtml", "escapecstring", etc methods safely
>         escape (transform) it.  If an application cages all user-supplied
>         strings, then a run-time exception will prevent application code
>         from accidentally allowing an SQL, shell, cross-site scripting,
>         cat -v, etc injection attack.  EscapeCage's paranoia can be
>         adjusted for development.  The concept is similar to "tainted"
>         data, but is implemented by "overload"ing the '""' stringify
>         method on blessed scalar references.
>
>
> I think the most appropriate name is "String::EscapeCage".  Any
> suggestions?  "String::" is more appropriate than "Text::", right?
> Once I have the blessing of the elders, I'll upload it to PAUSE.  (My
> first module for CPAN, my first YAPC, and my first lightning talk;
> please be gentle.)
>
>
> --mark


--
Help bring back the San Jose Earthquakes - http://www.soccersiliconvalley.com/