[Ur] EUnurlify in code to be compiled to JavaScript[2]?

Adam Chlipala adamc at csail.mit.edu
Mon May 1 09:49:54 EDT 2017


On 05/01/2017 09:42 AM, Benjamin Barenblat wrote:
> On Sun, Apr 30, 2017 at 1:19 PM, Adam Chlipala <adamc at csail.mit.edu> wrote:
>> Ur/Web doesn't support any interaction with cookies in client-side
>> code.
> Is this because Ur/Web signs all its cookies and doing the signing and
> verification on the client side is a security problem?

No, it's because said feature didn't seem necessary to implement so far 
(you can always hoist the cookie reads into the server-side code, 
referring to their variables in client code), /and/ the implementation 
strategy for deserializing cookie values so far happens to use 
server-side-specific code (direct generation of rather imperative C in 
the Ur/Web compiler), so it's not a quick job to extend to client code.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.impredicative.com/pipermail/ur/attachments/20170501/1ad9cfeb/attachment.html>


More information about the Ur mailing list