Chris McDonough <chr...@plope.com> added the comment:

The plugin does too much. But it doesn't do so entirely stupidly: it does too much because people *wanted* it to do too much, and the casting magic is useful. People wanted the value of environ['repoze.who.identity']['repoze.who.userid'] to be of a type that made sense for their app so they didn't have to cast the userid explicitly from whatever type it is within their application (often integer or unicode; not always a bytestring) to a bytestring to set a "user id"; inversely they didn't want to have to cast the userid explicitly to the application type from a bytestring when reading it out of the identity dictionary.
I am not talking about XSS when I refer to "security hole"; XSS is unrelated. I was talking about being able to retain the above (useful) property of being able to attach a type declaration to the userid. One way to do so would be of course to use the pickle module and just pickle the object: it would be a disastrous, monstrous security hole to unpickle data obtained from a cookie, but it would not require any type declarations in the user data. Is there a better way that wasn't a monstrous security hole but would offend your sensibilities less?

Repoze Bugs <b...@bugs.repoze.org> <http://bugs.repoze.org/issue101>

Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
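The two options Chris contrasts above, as an added example that is not part of the thread and not repoze.who's own code: first, why pickle.loads() on a cookie value is the "disastrous, monstrous security hole" he describes (a pickle stream can name any importable callable, so the attacker picks what runs), and second, one hypothetical way to keep the useful "typed userid" property without pickle: a short type tag in front of the value and a whitelist of casts on the way back in. The function names, the "tag:payload" format, and the constructed payload are all assumptions for illustration; the code is Python 3 (so "str" stands where the thread says "unicode"), and it assumes the cookie's integrity is protected separately, since a type tag is a parsing aid, not an authenticity check.

```python
import base64
import os
import pickle


# --- 1. The pickle route: any callable named in the stream gets called ---
class CookieBomb:
    """Constructed attacker object: on load, pickle calls exec() with our string.

    The side effect is deliberately harmless and observable (an env var) so the
    demo can be checked; a real payload would run anything the web process can.
    """

    def __reduce__(self):
        return (exec, ("import os; os.environ['PICKLE_DEMO'] = 'executed'",))


def attacker_cookie():
    """Bytes an attacker could place in a cookie if the app unpickled it."""
    return pickle.dumps(CookieBomb())


def unsafe_userid_from_cookie(raw):
    """What NOT to do: pickle.loads() on attacker-controlled bytes."""
    return pickle.loads(raw)


def pickle_demo_side_effect():
    """Returns the env var the payload set, or None if nothing ran."""
    return os.environ.get("PICKLE_DEMO")


# --- 2. Hypothetical alternative: a type tag plus a whitelisted cast ---
# Wire format: "<tag>:<payload>". Only the tags below are accepted; anything
# else is rejected rather than coerced. No code is named in the data.
ENCODERS = {
    int: lambda v: ("int", str(v)),
    str: lambda v: ("str", v),
    bytes: lambda v: ("bytes", base64.urlsafe_b64encode(v).decode("ascii")),
}
CASTS = {
    "int": int,
    "str": str,
    "bytes": base64.urlsafe_b64decode,
}


def encode_userid(userid):
    """Application type -> tagged text suitable for a cookie value."""
    enc = ENCODERS.get(type(userid))
    if enc is None:
        raise TypeError("unsupported userid type %r" % type(userid).__name__)
    tag, payload = enc(userid)
    return "%s:%s" % (tag, payload)


def decode_userid(value):
    """Tagged text -> application type, via the whitelist only."""
    tag, sep, payload = value.partition(":")
    if not sep or tag not in CASTS:
        raise ValueError("unknown or missing userid type tag")
    try:
        return CASTS[tag](payload)
    except (ValueError, TypeError) as exc:  # int("12abc"), bad base64, ...
        raise ValueError("malformed userid payload") from exc


if __name__ == "__main__":
    unsafe_userid_from_cookie(attacker_cookie())
    print("pickle payload ran:", pickle_demo_side_effect())
    for uid in (42, "alice", b"\x00\xff"):
        wire = encode_userid(uid)
        print(repr(uid), "->", wire, "->", repr(decode_userid(wire)))
```

The whitelist is the whole point of the second half: a tag like "pickle" or a dotted class path never becomes a lookup into arbitrary code, and a payload that does not parse as its declared type is an error, not a silently wrong identity.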