I've been meaning to ask: is there any plan to add special support for XML 
features such as string escaping?  It would be very useful, IMHO, to have 
something analogous to the "\Q" feature in perl5 for escaping regexps, but 
which would do XML-style "<" and ">" escaping.

I'm specifically interested in how features like this might be applicable 
to the problem of "Cross-Site Scripting" security vulnerabilities in 
perl-based web applications.

The types of escaping which are necessary for this are described at
  http://www.cert.org/tech_tips/malicious_code_mitigation.html

I think tainting is a BIG part of the solution.  But is there more that 
might make sense to provide in the language?  With XML generation and 
parsing becoming so common, it seems to me that an argument could be made 
that low-level mechanisms for properly parsing and generating XML/HTML 
content in a flexible way belong in the core libraries, if not the language
itself. 

--Josh

-- 
Josh Wilmes  ([EMAIL PROTECTED]) | http://www.hitchhiker.org
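As an added illustration of the gap the post describes (this is example code, not from the original thread or from Perl itself): a Perl 5 escaping helper for the XML-significant characters the CERT tip lists, used with the same interpolation habit as `\Q`, alongside what `\Q` actually produces. `xml_escape` is a hypothetical name, and the input string is constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Map each markup-significant character to an entity that is valid in
# both XML and HTML. &apos; exists in XML but not in HTML 4, so the
# apostrophe uses the numeric form.
my %entity = (
    '&' => '&amp;',
    '<' => '&lt;',
    '>' => '&gt;',
    '"' => '&quot;',
    "'" => '&#39;',
);

# Hypothetical helper: escape a string for use as element content or as
# a quoted attribute value. Perl 5 has no builtin for this, which is the
# point the post raises. Ampersand is in the class so that an input that
# already contains "&lt;" is not double-decoded by the browser.
sub xml_escape {
    my ($text) = @_;
    $text =~ s/([&<>"'])/$entity{$1}/g;
    return $text;
}

# Constructed untrusted input of the kind the CERT tip warns about, e.g.
# a form field echoed back into a page.
my $name = q{<script>alert("xss")</script>};

# \Q (quotemeta) backslash-protects regex metacharacters. The result is
# safe to interpolate into a pattern, but it is still live markup if
# emitted into HTML: backslashes mean nothing to a browser.
my $regex_safe = "\Q$name\E";
print "quotemeta: $regex_safe\n";

# The XML analogue the post asks for: inline escaping at the point of
# interpolation, for element content and for an attribute value.
my $para  = "<p>Hello, @{[ xml_escape($name) ]}</p>";
my $field = qq{<input name="who" value="@{[ xml_escape($name) ]}">};
print "$para\n$field\n";
```

Run under `perl -T` the same helper composes with tainting, but note that a substitution like the one in `xml_escape` untaints its result only because Perl treats regex captures as untainted, so the escaping itself must be correct; tainting does not check that it is.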