[Ur] Supporting 'style' attribute securely
Edward Z. Yang
ezyang at MIT.EDU
Tue Apr 24 02:16:06 EDT 2012
> And I disagree that compiler should prevent things like phishing through
> absolute positioning etc. Compiler should be safe with respect to
> _programmer's_ errors; this also means that user data can't appear in unsafe
> place unintentionally, without explicit parsing of this data. But if
> programmer do explicit parsing, compiler can not check correctness --- for
> example, if I use plain text design of forum, for safe input I need check
> alignments (that is leading spaces), compiler can't help me in this question.
The researchers in the information flow community would disagree!
Joking aside, I agree that a lot of the cases that I'm bringing up
are specific to an adversarial context. But I think, if anything,
it indicates that if we /decide/ to care, then a lot of thought
and care should be taken.
Of course, if we decide not to care, then there are any number
of not obviously wrong things to do.
Edward
More information about the Ur
mailing list