[ic] [loop-code] interpolation = security risk?

[Grant]

> IC6 embraces modern Perl and the many awesome CPAN modules out there. So
> this recommendation fits well there.
>
> IC6 also allows you to use any templating system you want (including none at
> all). Common ones include Template::Flute (by our own Stefan Hornburg) and
> Template::Toolkit (widely used in the larger Perl world).
>
> It would be nice to see an IC5 ITL port to IC6, but I don't consider it
> really feasible. IC5 is, as previously mentioned, a monolith of tightly
> coupled global references and depends on almost all of IC5 being there to
> work at all. An IC5 ITL parser without the whole of IC5's daemon behind it
> wouldn't be very useful at all.
>
> For the clients that we have moved to something else but left partly on IC5,
> using the web server to split up the URL space and proxy to something new
> like IC6 is a good way to have old & new coexist.
>
> I suspect someone will write an IC5 session handler for IC6 sooner or later,
> because that would allow a deeper level of interconnection between old &
> new.
>
> All this is what I spoke about at the recent Perl Dancer / Interchange
> conference in New York! My talk slides are here:
>
> http://jon.endpoint.com/dragging-old-web-apps-into-modernity/
>
> Others touched on some of these themes too. Nobody wants to have to start
> from scratch when moving to IC6, but there are ways to lessen the pain or
> increase the speed of getting some benefit.


Your method of communication is as lucid as ever (or perhaps even
moreso).  Is it possible to move over gradually and realize some
benefit along the way instead of beginning the rewrite process and
hoping I'm one day able to flip the big switch?  Instead of getting
IC5 stuff to run on IC6, can parts of IC6 be used with IC5?  Or
perhaps more practically, are there best practices for rewriting ITL
in Perl so that it still runs on IC5 but is as easy as possible to
port to IC6?

- Grant