RFC: escape strings in KConfigBase
Andreas Hartmetz
ahartmetz at gmail.com
Wed May 16 22:01:56 BST 2007
On Wednesday 16 May 2007 20:19:22 Thiago Macieira wrote:
> Aaron J. Seigo wrote:
> >but note that some systems, such as ldap, are really picky about key
> > values.
>
Interesting.
> I'd say it's up to the config backend to properly escape the values so
> that the frontend doesn't have to worry about escaping in a way that all
> backends support.
That makes a lot of sense. For all backends together, probably only letters
and numbers are safe, and that only if the backend has no concept of
keywords. A (hypothetical) binary backend would not need any escaping -
length prefixes or similar would be enough.
What remains is the question of keys.
I'd also escape them for symmetry. This should not bring any undesired effect
for the same reason that escaping values should not have any effect - it
would have been broken before.
User-accessible keys wouldn't be such bad an idea where applicable - they are
sandboxed by their group if done right [and escaping '=', '[', ']' ] :)
I haven't come across any key that was not set programmatically, though. This
would only be a safety and simplification measure.
The example I'm thinking of (mentioned before) is this:
There are no official rules for the names of Q/KActions. No reasonable
programmer should ever name actions like " = None\n exec = rm -Rf ~/" \n, but
who knows how unreasonable people call their actions?
Of course we could document the rules everywhere something might become a
config key - it just won't be me who volunteers to do this 8)
Or just hope that nothing goes wrong, which sometimes works surprisingly well.
More information about the kde-core-devel
mailing list