[Haskell-beginners] Type checking to prevent data injection attacks?
Ertugrul Söylemez
es at ertes.de
Sat Dec 22 02:34:27 CET 2012
Mike Meyer <mwm at mired.org> wrote:
> I did some googling for this, but didn't turn up anything that seemed
> promising. Lots of stuff on type checking untrusted values, but no
> flagging strings as untrusted. Which leaves the questions...
>
> Is this actually a sane idea?
Of course. However, this hasn't come up too often in Haskell, because
in most cases parsing/processing is part of getting a string from the
outside world, so you don't get tainted strings in the first place.
That's because the usual stream processing abstractions don't actually
produce strings, but whatever you requested with all the processing
necessary to convert the raw stream to it.
Greets,
Ertugrul
--
Not to be or to be and (not to be or to be and (not to be or to be and
(not to be or to be and ... that is the list monad.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://www.haskell.org/pipermail/beginners/attachments/20121222/6b0b932e/attachment.pgp>
More information about the Beginners
mailing list