my point is largely that using a framework/language where you're not at risk of accidentally eval'ing or running something unintended unless you deliberately run eval or idk don't use your SQL libraries' substitution feature, makes it much harder to fuck up in critical ways
With CGI as I understand it you have to think about:
- what exactly are your web server settings, what will be allowed to be executed
- path traversal issues
- advanced sysadmin knowledge to mitigate the above (chroots, restricting permissions, namespacing, etc)
- ensuring you don't accidentally put some file that shouldn't be there in the web server root directory
- parsing/escaping whatever inputs you get correctly
With more abstracted systems you will not have to worry about a lot of those things, just handling things correctly in your code, which can be reasonably simple when you use things like say Pydantic to validate the structure and contents of the received data
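To make the two points above concrete, here is an added example (not code from the post) using only the Python standard library: sqlite3's parameter binding stands in for "your SQL library's substitution feature", and a small hand-rolled structural check stands in for the Pydantic validation mentioned; the user table and the sample inputs are constructed.

```python
import re
import sqlite3

# Constructed sample data standing in for a real user store.
SAMPLE_USERS = [("alice", "alice@example.test"), ("bob", "bob@example.test")]
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_]{2,31}$")


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def is_valid_username(value: object) -> bool:
    # Structural check on received data (type plus allowed shape), the kind of
    # thing a Pydantic model with a constrained str field would do for you.
    return isinstance(value, str) and USERNAME_RE.fullmatch(value) is not None


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    # The mistake the post warns about: the caller's text is spliced into the
    # statement, so it can change the SQL grammar instead of being a value.
    sql = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    # The library's substitution feature: the driver binds the value as data,
    # so it can never alter the shape of the statement.
    sql = "SELECT name, email FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def compare(name: str) -> tuple:
    # Returns (rows from the unsafe query, rows from the bound query) so the
    # difference for a hostile input is visible side by side.
    conn = make_db()
    try:
        return len(lookup_unsafe(conn, name)), len(lookup_safe(conn, name))
    finally:
        conn.close()
```

With a benign name both lookups return one row; with a name containing a quote the formatted query matches every row while the bound query matches none, and the structural check would have rejected that input before any query ran.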