Item13028: in DEBUG mode when locales are not in use, check for Taint…

…::Runtime and use it to programmatically enable taint checking. Developers need to be recommended to install this module, but it doesn't need to be compulsory

CompareRevisionsAddOn/bin/compare

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

CompareRevisionsAddOn/bin/compareauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

ConfigurePlugin/bin/configure

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/attach

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/changes

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/edit

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/login

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/logon

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/manage

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/oops

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/preview

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/previewauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/rdiff

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/rdiffauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/register

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/rename

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/resetpasswd

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/rest

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/restauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/save

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/search

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/statistics

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/upload

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/view

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/viewauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/viewfile

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/bin/viewfileauth

@@ -1,4 +1,4 @@
-#! /usr/bin/perl -wT
+#! /usr/bin/perl -w
 # See bottom of file for license and copyright information
 use strict;
 use warnings;

core/lib/AssertOff.pm

@@ -9,7 +9,7 @@ use strict;
 sub ASSERT { }
 
 sub UNTAINTED {
-    return 0;
+    return 1;
 }
 
 sub TAINT {

core/lib/Foswiki.pm

@@ -351,6 +351,17 @@ BEGIN {
         require locale;
         import locale();
     }
+    elsif (DEBUG) {
+        eval { require Taint::Runtime; };
+        if ($@) {
+            print STDERR
+"DEVELOPER WARNING: taint mode could not be enabled. Is Taint::Runtime installed?\n";
+        }
+        else {
+            # Enable taint checking
+            Taint::Runtime::_taint_start();
+        }
+    }
 
     # If not set, default to strikeone validation
     $Foswiki::cfg{Validation}{Method} ||= 'strikeone';