[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Subversion Exception!

From: Branko Čibej <brane_at_apache.org>
Date: Thu, 13 Dec 2018 17:00:35 +0100

On 13.12.2018 16:53, Michael Pilato wrote:
> On 12/13/18 10:45 AM, Branko Čibej wrote:
>> Uh. I forgot about the malfunction handler. However this doesn't really
>> help, other than putting possibly sensitive paths into the crash handler
>> info? We really shouldn't do it this way, users *will* just copy and
>> paste the output tot he 'net.
> Ahem. What Grandpa *meant* to say was:
> "Oh, cool! So there _is_ a way to report the non-canonical path.
> Thanks for figuring this out, Julian! Unfortunately, it comes at a
> cost, namely that of revealing potentially sensitive paths in the output
> which I strongly suspect will get copied and paste to the 'net. If we
> could mitigate that part of it, this might turn out to be truly beneficial."

Well, no, I meant to say exactly what I said. But if I were in a
politically correct fame of mind, then I might have said something like
what you wrote.

Re FUD: it's not just paths, it's also URLs, and people do consider one
or the other sensitive. Of course ... in the end that's no worse than
printing paths or URLs in error messages.

I still think we should add canonicalisation functions that validate
their own output.

-- Brane
Received on 2018-12-13 17:00:43 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.