On 05/01/2017 09:42 AM, Benjamin Barenblat wrote:
On Sun, Apr 30, 2017 at 1:19 PM, Adam Chlipala <ad...@csail.mit.edu> wrote:
Ur/Web doesn't support any interaction with cookies in client-side
code.
Is this because Ur/Web signs all its cookies and doing the signing and
verification on the client side is a security problem?
No, it's because said feature didn't seem necessary to implement so far
(you can always hoist the cookie reads into the server-side code,
referring to their variables in client code), /and/ the implementation
strategy for deserializing cookie values so far happens to use
server-side-specific code (direct generation of rather imperative C in
the Ur/Web compiler), so it's not a quick job to extend to client code.
_______________________________________________
Ur mailing list
Ur@impredicative.com
http://www.impredicative.com/cgi-bin/mailman/listinfo/ur