[Bese-devel] Re: read-from-client-string

Marco Baringer mb at bese.it
Wed May 10 09:44:25 UTC 2006


"Nathan Bird" <nathan at acceleration.net> writes:

> Yeah, that's pretty much the case, I had been using read in the forms number
> parsing because that's how I saw someone else do it at some point. :-)

that 'someone' else was probably me....

> The aserve backend also has this in there a couple of times:
> (read-from-string (format nil ":~A" header-name))
> I take it this is just trying to get keyword symbols out of strings? Would a
> better fix for that be using intern instead?

most definetly.

> Yeah, it does smell a bit, I'm just thinking if there are reads in there,
> might be better to have that check on. That might just be false security
> though.

not with standing evyrthing else i agree 100% that if we do use
read-from-string we want *read-eval* to be nil (and in fact i'm
leaving your patch until we decide what to do).

-- 
-Marco
Ring the bells that still can ring.
Forget the perfect offering.
There is a crack in everything.
That's how the light gets in.
	-Leonard Cohen




More information about the bese-devel mailing list