[Ur] Request environment variables

[Adam Chlipala]

Edward Z. Yang wrote:
> Servers pass a lot of interesting information to the CGI
> programs in the form of environment variables (for example,
> if you do client cert authentication, that info comes in the
> form of an environment variable.)  It would be great if
> Ur/Web could access that information.
>
> Now, implementing this requires a little bit of cooperation
> from the SAPIs, since, for example, FastCGI passes in its
> environment variables from the wire, so just calling getenv
> doesn't work.  But probably a 'getenv : string ->  transaction string'
> would work reasonably well.

Just exposing the environment variables literally doesn't sound so 
appetizing: any [transaction] code would be able to read any environment 
variable.  There could be sensitive information in there, and it's nice 
to be able to run other people's library code without worrying that it 
can read sensitive information.

Ur/Web already supports a whitelist of HTTP headers that may be read by 
transactions.  What do you think of a directive that maps an environment 
variable name in as a specific HTTP header?  Then the existing mechanism 
can do double-duty via a single whitelist.

Another idea would be to create an abstract "capability" type, where a 
page handler may always request such a value as a function argument.  
State-access functions like header/environment variable reading could 
require a value of this type as an argument, so that a page handler 
could call other functions without giving them direct access to touch 
the request/response context.

I'm inclined to implement both of these ideas.