[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Snapshot: 2007-06-17

From: Dmitry Borodaenko
Subject: Re: Snapshot: 2007-06-17
Date: Mon, 18 Jun 2007 12:10:07 +0100

On 6/18/07, boud <address@hidden> wrote:
BTW, what's the general programming principle for the two .freeze
method calls ? Is the idea more to prevent accidental programmer error
(editing the re's could easily create a mess) or rather to protect
against the risk of exploits (since the URL is an external site and
has to be untainted, it could potentially be cracked before anyone
realises that something is wrong - "be suspicious of any external data")?

Nice thing about freeze() is that it not only improves security, but
also allows Ruby interpreter to apply more aggressive optimizations
based on assumption that the data is immutable.

Dmitry Borodaenko

reply via email to

[Prev in Thread] Current Thread [Next in Thread]