Capability systems can turn authorization decisions into parsing decisions, points out Nathaniel Filardo. #SP16
yeah but is it a good idea? my favorite example here are ips parsed with regex: possible to do mostly correctly, but icky
-
-
you probably need semantic checks here anyway (no localhost etc); on the parser side you only need to look for digits and dots
-
ofc in a real world system it's more complex: cases like one-off script vs legacy vs you get to design it from the ground up
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.