Git Product home page Git Product logo

interpoliqueqq's Introduction

This is an implementation of Dan Kaminsky's "Interpolique" as a Haskell
quasi-quoter.  See Test.hs for examples.

More information:
http://recursion.com/interpolique.html
http://intoverflow.wordpress.com/2010/06/23/syntactic-support-for-kaminskys-interpolique-in-haskell

Also shown here: the Taint monad, which shows how we can use rank-2 types and
monads to track the progression of tainted data, and even use this to prevent
tainted data from escaping a given context before it has been scrubbed.
Kernel.hs is a ``security kernel'' for the tainting system and is intended to be
used by library authors and *not* application develoeprs.  (GHC provides enough
static analysis that this design requirement can be enforced using existing
tools.)

FakeDatabase.hs and FakeXML.hs demonstrate stubbed-out libraries for both a
database server and XML generation library.  They provide examples of how
Interpolique can be destiation-context-sensitive, in that the same syntax can be
used to safely escape a string, and the particular style of escaping can be
automatically determined based on who the escaping is being performed for.
(That is, escaping for a database is different than escaping for XML, and this
implementation is able to use type inference to automatically determine which
it is that the programmer needs.)

TestWebFramework.hs shows an example of destination-context-sensitive escaping
with Interpolique.

interpoliqueqq's People

Contributors

intoverflow avatar

Stargazers

 avatar  avatar  avatar

Watchers

 avatar  avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.