Viktor Dukhovni:
> On Wed, Feb 16, 2022 at 09:42:51AM -0500, Wietse Venema wrote:
>
> > > Alternatively, perhaps there should be an option to turn off the safety
> > > net. Something like the '-J' option below (with appropriate
> > > documentation and warnings).
> >
> > And what about non-json output?
>
> My view of "postqueue -p" is that it is eyeball-readable and not
> machine-readable, and that sanitisation is appropriate to preserve the
> visual structure of the output.
It's not only eyeballs. There are 20 years of examples with mailq|awk.
This is where embedded newlines etc. could do damage, and there
should be no option to unsanitize that output.
> Users who want an unsanitised form of the queue content should
> consume JSON.
Unsanitized but json-escaped. If people want to unescape that, then
they have to write extra code, so 'unsanitized' would still be safe
for naive scripts.
I think I missed that "jq -r" output is still json-escaped. In that
light, is there any need for 3.7-style sanitization of json output?
We could still revert that early in 3.7.1; I doubt that this would
break things already.
Wietse
