pub enum ArgumentSafety<'a> {
Absent,
Usable(&'a str),
Dangerous(&'a str),
}
Expand description
Classification of a portion of a URL by whether it is syntactically safe to pass as an argument to a command-line program.
Various parts of URLs can be specified to begin with -
. If they are used as options to a command-line application
such as an SSH client, they will be treated as options rather than as non-option arguments as the developer intended.
This is a security risk, because URLs are not always trusted and can often be composed or influenced by an attacker.
See https://secure.phabricator.com/T12961 for details.
§Security Warning
This type only expresses known syntactic risk. It does not cover other risks, such as passing a personal access token as a username rather than a password in an application that logs usernames.
Variants§
Absent
May be safe. There is nothing to pass, so there is nothing dangerous.
Usable(&'a str)
May be safe. The argument does not begin with a -
and so will not be confused as an option.
Dangerous(&'a str)
Dangerous! Begins with -
and could be treated as an option. Use the value in error messages only.
Trait Implementations§
Source§impl<'a> Clone for ArgumentSafety<'a>
impl<'a> Clone for ArgumentSafety<'a>
Source§fn clone(&self) -> ArgumentSafety<'a>
fn clone(&self) -> ArgumentSafety<'a>
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more