/ 
Encode-3.21
River stage five • 1200 direct dependents • 35141 total dependents
/ Encode::Unicode::UTF7
Security Advisories (1)
CVE-2021-36770 (2021-07-17)

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.

NAME

Encode::Unicode::UTF7 -- UTF-7 encoding

SYNOPSIS

use Encode qw/encode decode/; 
$utf7 = encode("UTF-7", $utf8);
$utf8 = decode("UTF-7", $ucs2);

ABSTRACT

This module implements UTF-7 encoding documented in RFC 2152. UTF-7, as its name suggests, is a 7-bit re-encoded version of UTF-16BE. It is designed to be MTA-safe and expected to be a standard way to exchange Unicoded mails via mails. But with the advent of UTF-8 and 8-bit compliant MTAs, UTF-7 is hardly ever used.

UTF-7 was not supported by Encode until version 1.95 because of that. But Unicode::String, a module by Gisle Aas which adds Unicode supports to non-utf8-savvy perl did support UTF-7, the UTF-7 support was added so Encode can supersede Unicode::String 100%.

In Practice

When you want to encode Unicode for mails and web pages, however, do not use UTF-7 unless you are sure your recipients and readers can handle it. Very few MUAs and WWW Browsers support these days (only Mozilla seems to support one). For general cases, use UTF-8 for message body and MIME-Header for header instead.

SEE ALSO

Encode, Encode::Unicode, Unicode::String

RFC 2781 http://www.ietf.org/rfc/rfc2152.txt