* Adrian Mariano <[email protected]>, 2018-07-20, 19:49:
I'm not sure about exactly the right way to validate the metals. I took the most relaxed route of just banning '!',
Enumerating badness makes me nervous. It is generally considered a bad security practice.
How about whitelisting known-good metal names ("silver", "gold", "platinum"), and ignoring everything else? That would be more-or-less how currencies are currently handled.
-- Jakub Wilk

