Github user dpitera commented on the issue:
https://github.com/apache/tinkerpop/pull/179
I will have to investigate what you've just claimed, but if this is true,
then yes you are right... I'll get back to you when I've confirmed. Thanks for
the suggestion!
---
If your project is
Github user spmallette commented on the issue:
https://github.com/apache/tinkerpop/pull/179
That's a reasonable example. Could someone not just "blacklist" by
whitelisting though? I just mean that the whitelisting system is all regex
based. You could add negation to the whitelist and
Github user dpitera commented on the issue:
https://github.com/apache/tinkerpop/pull/179
> Whitelisting tends to work best in cases like this as it assumes
everything is bad except for this small, easy to maintain list.
Agreed. Which is what leads me to find myself in a
Github user spmallette commented on the issue:
https://github.com/apache/tinkerpop/pull/179
I don't see a reference to `methodBlackList` in this PR, but if we were to
just reduce the question to why do we have whitelisting and no blacklisting
then I think I could probably answer
Github user dpitera commented on the issue:
https://github.com/apache/tinkerpop/pull/179
@spmallette I am curious why this Pull Request got rid of the
`methodBlackList`? I ask because I want to extend the `FileSandboxExtension`
here to support blacklisting-- would you prefer I did
