help-gnu-emacs

Re: Printf and quoting in general, SQL injection in particular


From: Emanuel Berg
Subject: Re: Printf and quoting in general, SQL injection in particular
Date: Tue, 06 Jul 2021 04:46:23 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)

You guys spoke of symbols the other day and if they were
mutable or not.

Maybe here we have a use case... for, uhm, symbols!

Maybe one can do this like this with properties, tag strings
that are intended for or already paths and URLs, and they can
only be used by safe functions!

That I'd like more because that would imply a higher degree of
automation, perhaps, but if nothing else the policy would
be enforced, done deal.

So when you send an ordinary string to the file opener -
¡No pasarán! ha :)

Compare

(defun what-face (pos)
  (interactive "d")
  (let ((face (or (get-char-property pos 'face)
                  (get-char-property pos 'read-cf-name) )))
    (message "face: %s" (or face "no face")) ))

or

(defun gnus-article-show-filled-citation ()
  "Fill the citation opened on a hidden-citation button press."
  (interactive)
  (let*((pos    (point))
        (button (get-char-property pos 'button)) )
    (when button
      (widget-button-press pos)
      (save-excursion
        (gnus-article-fill-cited-article) ))))

;; source: 
;;   https://dataswamp.org/~incal/emacs-init/face.el
;;   https://dataswamp.org/~incal/emacs-init/gnus/article.el

-- 
underground experts united
https://dataswamp.org/~incal
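
The idea in the message above, sketched as an added example (not code from the post or from Emacs itself): a vetting function tags a string with a text property, and the file opener refuses anything not tagged end to end. The names `my-safe-path`, `my-safe-p`, `my-open-file`, the property `my-safe-kind` and the `/tmp/demo/` root are hypothetical.

```elisp
;;; -*- lexical-binding: t -*-
;; Added illustration; every name prefixed `my-' is hypothetical.

(defun my-safe-path (string root)
  "Return STRING expanded under ROOT and tagged as a vetted path.
Signal an error if the expanded name falls outside ROOT.
Assumption: symlinks are not resolved here; use `file-truename'
if that matters for your setup."
  (let* ((root (file-name-as-directory (expand-file-name root)))
         (full (expand-file-name string root)))
    (unless (string-prefix-p root full)
      (error "Path escapes %s: %s" root string))
    ;; The tag covers every character of the returned string.
    (propertize full 'my-safe-kind 'path)))

(defun my-safe-p (string kind)
  "Return non-nil if every character of STRING carries tag KIND.
Checking only position 0 is not enough: `concat' keeps the
properties of each part, so a tagged prefix glued to untagged
text would still look tagged at its first character."
  (and (stringp string)
       (> (length string) 0)
       (not (text-property-not-all 0 (length string)
                                   'my-safe-kind kind string))))

(defun my-open-file (path)
  "Visit PATH only if it was produced by `my-safe-path'."
  (unless (my-safe-p path 'path)
    (signal 'wrong-type-argument (list 'my-safe-path path)))
  (find-file-noselect (substring-no-properties path)))

;; Constructed demo: evaluate to see which strings pass the check.
(let* ((ok  (my-safe-path "notes.txt" "/tmp/demo/"))
       (mix (concat ok "/../../etc/passwd")))
  (list (my-safe-p ok 'path)              ; produced by the vetting function
        (my-safe-p mix 'path)             ; tagged prefix, untagged tail
        (my-safe-p "/etc/passwd" 'path))) ; ordinary string
```

Any Lisp code can call `propertize` with the same tag, so this enforces a calling convention inside one Emacs session rather than a boundary against hostile code.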



