1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
#!/usr/local/bin/perl
use strict;
use warnings;
use Test::More;
use Test::Warn;
use CGI ();
if ( ! eval 'use Test::Warn; 1' ) {
plan skip_all => 'Test::Warn required for this test';
} else {
plan tests => 8;
}
# Set up a CGI environment
$ENV{REQUEST_METHOD} = 'GET';
$ENV{QUERY_STRING} = 'game=chess&game=checkers&weather=dull';
my $q = CGI->new;
ok $q,"CGI::new()";
my @params;
warnings_are
{ @params = $q->param }
[],
"calling ->param with no args in list does not warn"
;
warning_like
{ @params = $q->param('game') }
qr/CGI::param called in list context from .+param_list_context\.t line 34, this can lead to vulnerabilities/,
"calling ->param with args in list context warns"
;
warnings_are
{ @params = $q->param('game') }
[],
" ... but we only warn once",
;
is_deeply(
[ sort @params ],
[ qw/ checkers chess / ],
'CGI::param()',
);
warnings_are
{ @params = $q->multi_param('game') }
[],
"no warnings calling multi_param"
;
is_deeply(
[ sort @params ],
[ qw/ checkers chess / ],
'CGI::multi_param'
);
$CGI::LIST_CONTEXT_WARN = 0;
warnings_are
{ @params = $q->param }
[],
"no warnings when LIST_CONTEXT_WARN set to 0"
;
|
