Matt Palmer on Nostr
2026-04-03 20:10:58 UTC

nprofile1q…52pg0 the limit of tainting is that it can only say a string is "safe" or "unsafe", without answering the question "safe for *what*?". If you untaint the value with a "safe for HTML" regex, but then it gets eval'd instead, Unpleasantness will result. The solution is to have separate "safe for HTML" and "safe for eval" data types, and the only values accepted by methods that construct HTML or eval code are the relevant "safe for" types. Yes, it's more faffing around, but far more secure.
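The separate "safe for" types the post argues for, as an added Ruby example (not code from the post or its author); the class names, sink methods and the integer-literal rule for EvalSafe are assumptions made for illustration:

```ruby
# Added example: two distinct "safe for" wrapper types instead of one taint
# bit, so a value escaped for one sink cannot be handed to another sink by
# mistake. All names here are made up for illustration.
require "cgi"

# A fragment that has been escaped for an HTML text context, and nothing else.
class HtmlSafe
  attr_reader :to_s
  def initialize(raw)
    @to_s = CGI.escapeHTML(raw.to_s)
  end
end

# A value vetted for interpolation into code: only unsigned integer literals
# are admitted (an assumed policy), so there is no escaping to get wrong.
class EvalSafe
  attr_reader :to_s
  def initialize(raw)
    s = raw.to_s
    raise ArgumentError, "not an integer literal: #{s.inspect}" unless s.match?(/\A\d+\z/)
    @to_s = s
  end
end

# Each sink accepts only its own type; a plain String, or the other type,
# is rejected before it can reach the output.
def render_html(fragment)
  raise TypeError, "expected HtmlSafe, got #{fragment.class}" unless fragment.is_a?(HtmlSafe)
  "<p>#{fragment}</p>"
end

def build_script(expr)
  raise TypeError, "expected EvalSafe, got #{expr.class}" unless expr.is_a?(EvalSafe)
  "limit = #{expr}"
end

if __FILE__ == $PROGRAM_NAME
  untrusted = %q{<script>alert(1)</script>}   # constructed sample input
  puts render_html(HtmlSafe.new(untrusted))   # escaped, so inert in HTML
  begin
    build_script(HtmlSafe.new(untrusted))     # "safe for HTML" is not "safe for eval"
  rescue TypeError => e
    puts "rejected: #{e.message}"
  end
  puts build_script(EvalSafe.new("42"))
end
```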