RFC: escape strings in KConfigBase

Andreas Hartmetz ahartmetz at gmail.com
Wed May 16 22:01:56 BST 2007

On Wednesday 16 May 2007 20:19:22 Thiago Macieira wrote:
> Aaron J. Seigo wrote:
> >but note that some systems, such as ldap, are really picky about key
> > values.

> I'd say it's up to the config backend to properly escape the values so
> that the frontend doesn't have to worry about escaping in a way that all
> backends support.

That makes a lot of sense. For all backends together, probably only letters 
and numbers are safe, and that only if the backend has no concept of 
keywords. A (hypothetical) binary backend would not need any escaping - 
length prefixes or similar would be enough.

What remains is the question of keys.
I'd also escape them for symmetry. This should not bring any undesired effect 
for the same reason that escaping values should not have any effect - it 
would have been broken before.
User-accessible keys wouldn't be such bad an idea where applicable - they are 
sandboxed by their group if done right [and escaping '=', '[', ']' ] :)
I haven't come across any key that was not set programmatically, though. This 
would only be a safety and simplification measure.

The example I'm thinking of (mentioned before) is this:
There are no official rules for the names of Q/KActions. No reasonable 
programmer should ever name actions like " = None\n exec = rm -Rf ~/" \n, but 
who knows how unreasonable people call their actions?

Of course we could document the rules everywhere something might become a 
config key - it just won't be me who volunteers to do this 8)
Or just hope that nothing goes wrong, which sometimes works surprisingly well.

More information about the kde-core-devel mailing list