On Feb 18, 2018, at 14:01 , Markus Spoettl <ms_li...@shiftoption.com> wrote: > > Arrays are easy to enforce but dictionaries are really a weak spot. For > starters you can't define which classes are acceptable as keys and which as > values. What if you have collection classes as values, what layout is > acceptable in sub-entries? None of that is expressible.
Arrays aren't safe from structural attacks, I think. There’s no way of expressing an array of *only* some element class — an actual element that is an array of the stated element class will pass the global check. > As for additional NSAttributeString "companion" classes, I'm still open for > suggestions. I dunno. I always though of the attributes as something extensible, but I guess they’re not really. (They can’t be, in NSAttributedString is an interchange format between apps.) Looking at the documented list, I would be worried about NSTextAttachment, which isn’t even documented as conforming to NSSecureCoding. Those NSAccessibility… keys don’t look too safe either. At this point, though, I don’t trust myself to reason about what’s safe and what’s not. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
