On Mon, Sep 22, 2014 at 9:40 AM, Matthieu Monrocq < matthieu.monr...@gmail.com> wrote:
> If a method requires a XSS-safe string, then it should take the > XssSafeString parameter, which would implement Deref<String> and would be > built from a String by a method performing the necessary escaping. > This relies on all paths to XssSafeString being "safe" ones, which may be the case, but all it takes is a single chink in the armor for things to go amiss. I'd also note that "SafeString" is a terrible name and has lead to a lot of confusion in e.g. Ember.js. I'd suggest using "RawString" or "RawQuery", which is a lot more indicative of its actual contents. Having some sort of real taint analysis (or something akin to TS*'s Un type) to solve problems like this generically (i.e. tainted strings should not be used directly in any sort of templating would be a lot more interesting. Maybe in Rust 9.0 ;) -- Tony Arcieri
_______________________________________________ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev