cl-taint

A library for controlling how outside data is used.

Maintained and written by Alan Shields

For example: the user is supposed to enter an integer into an input element of a web form. How do you ensure that the input is an integer? Option 1, write your own code. Option two:

(detaint input-string 'integer)

Or that it's an integer between 1 and 10?

(detaint input-string '(integer :min 1 :max 10)
 

And many, many others. The library can also be used to wrap values (tainting them), making them unusable unless processed in a certain, controlled manner. This is useful for outside strings, and is built into the aaraneida framework, for example.

Status

This library is currently pre-release. A darcs respository is available.

DARCS Stable (such as it is) Repository:
http://www.common-lisp.net/project/cl-taint/cl-taint-release
DARCS Testing Repository:
http://www.common-lisp.net/project/cl-taint/cl-taint-testing
Browseable DARCS
http://common-lisp.net/cgi-bin/darcsweb/darcsweb.cgi

Contact Alan Shields <alan@alan.shields.name> with any patches or bug reports.

Mailing Lists:

cl-taint-devel
A list for discussing cl-taint
cl-taint-announce
New versions of cl-taint will be announced here. Low traffic.

Alan Shields's PGP key, fingerprint: 4CF6 62C4 8B36 C113 9FE1 C62A 1987 6FCE 5E55 AFEB

Back to Common-lisp.net.

Valid XHTML 1.0 Strict