# Note: You must always check (and perhaps filter)
# user input before using this, or any, script.
# As Michael G Schwern (schwern@pobox.com)
# shrewdly noted about this code (as presented)....
#
# "I have one thing to say:
# file://etc/passwd"
#
#!/usr/local/bin/perl -wT
use LWP::Simple;
use CGI;
use strict;
use CGI::Carp qw(fatalsToBrowser);
use vars qw($dataIn $url $thisScript);
$thisScript = "url_grab.cgi";
$dataIn = new CGI;
print $dataIn->header();
$url = $dataIn->param('url');
# We have to untaint the URL
# So we filter it so that it needs to be word
# characters or dash characters.
if ($url =~ /([\w-:\/.]+)/)
{
$url = $1;
}
else
{
$url = "";
}
if ($url eq "")
{
print qq!
Link Jumper
!;
exit;
}
else
{
print get($url);
exit;
}