Item14910: Remove Taint::Runtime

ConfigurePlugin/lib/Foswiki/Plugins/ConfigurePlugin.pm

@@ -147,19 +147,9 @@ sub _JSONwrap {
         my $reporter = Foswiki::Configure::Reporter->new();
 
         no strict 'refs';
-        my $response;
-
-        eval { require Taint::Runtime; };
-        if ($@) {
-            $response = &$method( $request->params(), $reporter );
-        }
-        else {
-            # Disable taint checking, it's more trouble than it's worth
-            local $Taint::Runtime::TAINT = 0;
-            $response = &$method( $request->params(), $reporter );
-        }
-
+        my $response = &$method( $request->params(), $reporter );
         use strict 'refs';
+
         unless ($response) {
 
             # Should never get here

RCSStoreContrib/test/unit/RCSStoreContrib/VCStoreTests.pm

@@ -83,25 +83,11 @@ sub set_up_for_verify {
     my $this = shift;
     $this->createNewFoswikiSession();
 
-    # SMELL:  We need to go through all this because File::Remove with a
-    # wildcard causes taint errors.   Logic copied from Foswiki.pm.
-    my $taintrt;
-    unless ( $Foswiki::cfg{UseLocale} ) {
-        eval { require Taint::Runtime; };
-        unless ($@) {
-
-            # Disable taint checking
-            my $taintrt = 1;
-            Taint::Runtime::_taint_stop();
-        }
-    }
-
     # Clean up here in case test was aborted
     File::Remove::remove( \1,
         "$Foswiki::cfg{DataDir}/$this->{test_web}/$this->{test_topic}*" );
 
     unlink "$Foswiki::cfg{TempfileDir}/testfile.txt";
-    Taint::Runtime::_taint_start() if ($taintrt);
 
     return;
 }

UnitTestContrib/test/unit/EngineTests.pm

@@ -432,21 +432,7 @@ sub test_simple_response {
     my $req = new Foswiki::Request;
     $req->method('POST');
     $req->param( 'desired_test_response' => freeze($res) );
-    my $response;
-
-#SMELL: I have been unable to explain why this test fails when Taint checking is enabled.
-#       The failure is 'Insecure dependency in eval while running with -T switch at ...lib/Foswiki/UI/Test.pm'
-#       Line 13,  which is     eval $_[0] or die $@;
-    eval { require Taint::Runtime; };
-    if ($@) {
-        $response = $this->make_request($req);
-    }
-    else {
-
-        # Disable taint checking, it's more trouble than it's worth
-        local $Taint::Runtime::TAINT = 0;
-        $response = $this->make_request($req);
-    }
+    my $response = $this->make_request($req);
     $this->assert_deep_equals(
         ['teste'],
         [ $response->header('X-Bli') ],

core/lib/Foswiki.pm

@@ -376,20 +376,6 @@ BEGIN {
         import locale();
     }
 
-    # Set environment var FOSWIKI_NOTAINT to disable taint checks even
-    # if Taint::Runtime is installed
-    elsif ( DEBUG && !$ENV{FOSWIKI_NOTAINT} ) {
-        eval { require Taint::Runtime; };
-        if ($@) {
-            print STDERR
-"DEVELOPER WARNING: taint mode could not be enabled. Is Taint::Runtime installed?\n";
-        }
-        else {
-            # Enable taint checking
-            Taint::Runtime::_taint_start();
-        }
-    }
-
     # If not set, default to strikeone validation
     $Foswiki::cfg{Validation}{Method} ||= 'strikeone';
     $Foswiki::cfg{Validation}{ValidForTime} = $Foswiki::cfg{LeaseLength}