Security implications of Clojure keyword creation from user data?

Posted by Rob Lachlan on Stack Overflow See other posts from Stack Overflow or by Rob Lachlan
Published on 2010-05-19T20:58:42Z Indexed on 2010/05/19 21:00 UTC
Read the original article Hit count: 395

Filed under:

clojure

|

keywords

|

security

Suppose that I take a user-supplied string, userstring, and call (keyword userstring) on it.

Are there any security concerns about doing this? And if so, what would be the best way to mitigate them?

© Stack Overflow or respective owner

Related posts about clojure

StackOverflow in compojure web project

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I've been playing around with clojure and have been using it to build a simple little audio player. The strange thing is that sometimes, maybe one out of twenty, when contact the server I will get the following error: 2010-04-20 15:33:20.963::WARN: Error for /control java.lang.StackOverflowError … >>> More
Wrong number of args passed to: repl$repl

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I have a trouble with a compojure "Getting started" example that I do not seem to understand. When I run the example from http://weavejester.github.com/compojure/docs/getting-started.html ...I get the following error at the lein repl step: ~/hello-www> lein repl src/hello_www/core.clj Exception… >>> More
Setting the Classpath and Accessing code from book: Programming Clojure

as seen on Stack Overflow - Search for 'Stack Overflow'
(I posted this same question on the Clojure list but haven't got an answer yet. Is anyone here ready to help?) I am going through Programming Clojure and I recently downloaded the code from the books official website. For other utils I can do, for example, (require 'clojure.contrib.str-utils) and… >>> More
How can I define a clojure type that implements the servlet interface?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm attempting to use deftype (from the bleeding-edge clojure 1.2 branch) to create a java class that implements the java Servlet interface. I would expect the code below to compile (even though it's not very useful). (ns foo [:import [javax.servlet Servlet ServletRequest ServletResponse]]) (deftype… >>> More
Stack overflow in compojure web project

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I've been playing around with clojure and have been using it to build a simple little audio player. The strange thing is that sometimes, maybe one out of twenty, when contacting the server I will get the following error: 2010-04-20 15:33:20.963::WARN: Error for /control java.lang.StackOverflowError … >>> More

Related posts about keywords

SEO Keywords Exposed - How to Take Advantage of The Most Relevant Keywords For Your Topic

as seen on Ezine Articles - Search for 'Ezine Articles'
SEO keywords are an important foundation for building a search engine optimized website. This article will take the mystery out of using keywords and reveal the steps you need to take for an effectively optimized website. >>> More
How to Research Keywords - 2 Sure Fire Ways to Get Buying Keywords

as seen on Ezine Articles - Search for 'Ezine Articles'
When you seek information on "how to research keywords" you are told to search out long tail keywords with low competition and good search volume. What they don't tell is how to separate the info seekers from the buyers. Did you know that when a person sets out to search for something online they're… >>> More
Blazing Keywords - The Google Blazing Keywords Review

as seen on Ezine Articles - Search for 'Ezine Articles'
Many people who are currently attempting different methods of online marketing in order to promote and build their business have heard that keyword research is extremely vital to the success of your online marketing. Unfortunately most online marketing companies do not properly teach their members… >>> More
Keywords - What Are Keywords?

as seen on Ezine Articles - Search for 'Ezine Articles'
Starting your own internet business is far more than designing and creating a website to sell your products and/or services. Before you do anything you need to find out if people are buying your products online and more importantly how they will find your website to buy your products. Just having… >>> More
Scala parser combinator runs out of memory

as seen on Stack Overflow - Search for 'Stack Overflow'
I wrote the following parser in Scala using the parser combinators: import scala.util.parsing.combinator._ import scala.collection.Map import scala.io.StdIn object Keywords { val Define = "define" val True = "true" val False = "false" val If = "if" val Then = "then" val… >>> More