Skip to content

Instantly share code, notes, and snippets.



Created Jun 15, 2018
What would you like to do?
Metaobjects tainted and untainted
package metaobjectTest
import untainted
object Tainted
func run {
var String@tainted(sql) maliciousSqlCode =
"I will delete your database";
var String@untainted(sql) safeSqlCode;
// compile-time error: this assignment should
// be in a special prototype/package to be allowed
// safeSqlCode = "safe sql code";
// ok
safeSqlCode = TaintedToUntainted toUntaintedSql: "safe sql code";
// TaintedToUntainted is a safe prototype
safeSqlCode = TaintedToUntainted toUntaintedSql: "safe sql code";
maliciousSqlCode = safeSqlCode; // ok
//safeSqlCode = maliciousSqlCode; // compile-time error
let String@tainted(html) badHtmlCode = "bad home page";
// compile-time error
//safeSqlCode = badHtmlCode;
// compile-time error
//let String@untainted(html) safeHtmlCode = badHtmlCode;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment