Chris McDonough <chr...@plope.com> added the comment:
The plugin does too much. But it doesn't do so entirely stupidly: it does too people *wanted* it to do too much, and the casting magic is useful. People wanted the value of environ['repoze.who.identity']['repoze.who.userid'] to be of a type that made sense for their app so they didn't have to cast the userid explicitly from whatever type it is application (often integer or unicode; not always a bytestring) to a bytestring to set a "user id"; inversely they didn't want to have to cast the userid explicitly to the application type from a bytestring when reading it out of the identity dictionary.
I am not talking about XSS when I refer to "security hole"; XSS is unrelated. I was talking about being able to retain the above (useful) property of being able to attach a type declaration to the userid. One way to do so would be of course to use the pickle module and just object: it would be a disastrous, monstrous security hole to unpickle data obtained from a cookie, but it would not require any type declarations in the user data. Is there a better way that wasn't a monstrous security hole but would offend your sensibilities less?
Repoze Bugs <b...@bugs.repoze.org>
Repoze-dev mailing list
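One answer to the question above, as an added example that is not repoze.who's own code: carry an explicit type tag next to the userid in a JSON payload and rebuild it only through a whitelist of constructors, so the cookie never reaches pickle. The `encode_userid`/`decode_userid` names and the `{"type": ..., "value": ...}` layout are assumptions of this example, not part of the plugin.

```python
import json

# Assumed layout (not repoze.who's): the cookie value is a JSON object
# {"type": <tag>, "value": <json value>}.  Each tag maps to the JSON type
# the value must already have and the constructor that rebuilds the userid.
# Nothing here can run code on untrusted input, unlike pickle.loads.
_TYPES = {
    "int":   (int, int),
    "str":   (str, str),
    "bytes": (str, bytes.fromhex),   # bytes travel as a hex string
}
# Reverse direction: Python type -> (tag, converter to a JSON value).
_ENCODERS = {
    int:   ("int",   lambda v: v),
    str:   ("str",   lambda v: v),
    bytes: ("bytes", lambda v: v.hex()),
}


def encode_userid(userid):
    """Serialize a userid with an explicit type tag; unknown types are refused."""
    try:
        tag, conv = _ENCODERS[type(userid)]   # exact type: bool is not int here
    except KeyError:
        raise TypeError("unsupported userid type: %r" % type(userid).__name__)
    return json.dumps({"type": tag, "value": conv(userid)})


def decode_userid(payload):
    """Rebuild the userid from a cookie payload using only whitelisted types."""
    try:
        data = json.loads(payload)
    except ValueError:
        raise ValueError("userid payload is not JSON")
    if not isinstance(data, dict) or set(data) != {"type", "value"}:
        raise ValueError("malformed userid payload")
    try:
        json_type, ctor = _TYPES[data["type"]]
    except (KeyError, TypeError):
        raise ValueError("unsupported userid type tag: %r" % (data["type"],))
    value = data["value"]
    # Reject values whose JSON type does not match the tag (e.g. 3.7 tagged
    # as int, or True, which json.loads returns as bool, a subclass of int).
    if not isinstance(value, json_type) or isinstance(value, bool):
        raise ValueError("userid value does not match its type tag")
    return ctor(value)
```

This only replaces the type-reconstruction step; the cookie still needs an integrity check (an HMAC over the payload) before `decode_userid` is trusted at all.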