Chapter 11, Problem 4P Bookmark OW Bookmark Show all steps. COND You are asked to improve the security in the CGI handler script used to send comments to the Web master of your serverThe current script is use is shown in Figure with the associated form shown in Figure Identify some security deficiencies present in this script. Detail what steps are needed to correct them, and design an improved version of this script. Figure comment Form Handler Exercise #!/usr/bin/perl # comment.cgi - send comment to webmaster # specify recipient of comment email Stos webmaster ", use CGI; use CGI: Carp qw (atalOTOBrowser); $q = new CGI; create query object # display HTML header print $q-header $q-start_html ('Comment sent), Sq->hl ("Comment sent"); retrieve form field values and send comment to webmaster $subject = $q-param ("subject"); $from = $g->param("from"); $body = Sq-param ("body"); # generate and send comment email system ("export REPLYTO=\"$from\"; echo \";body\" I mail-s "$subject \" to"); # indicate to user that email was sent print "Thankyou for your comment on Soubject." print "This has been sent to Sto,"; # display HTML footer print $q-end_html; (a) Comment CGI script /headbody> subject of this comment: Your Email Address:

Please enter comments here:

area

/html>