chrysn

joined 5 years ago
[–] chrysn@chaos.social 4 points 1 year ago

The very same type of mistakes happens in file systems even without URIs being involved. Directory traversal checks look simple but sooner or later need hard-to-understand symlink following rules. Enforcing processor policy has terrible portability there (it even only became practical on Linux with landlock), but nonetheless I think it's preferable.
Not mixing URI parsers is a good advice for when processor policies are unavailable – but let's try to make them available more often.

[–] chrysn@chaos.social 0 points 1 year ago (2 children)

@snaggen I think the better lesson than "don't mix URI parses" here is "don't LBYL, rely on EAFP". Many "Look before you leap" (LBYL) schemes are subject to variations of time-of-check/time-of-use errors. It's preferable to not sanitize input, but tell the processor what the policy on processing is; when it comes to a violation, it's easier to ask forgiving (i.e. report the error) than permission (EAFP).

[–] chrysn@chaos.social 2 points 1 year ago

@0xsaksham @snaggen Last polls I saw, the #RustLang hashtag (it's case sensitive, but capitalization helps for accessibilisy) was a tad more popular than #Rust due to the latter's ambiguities.

[–] chrysn@chaos.social 2 points 1 year ago

@jvisick That process is completely intransparent to anyone approaching this without preexisting knowledge of that Lemmy instance. Do you know who runs that account? They should really make a note in its metadata.