There's a security issue in that if someone managed to modify your persistence file they could use it to execute arbitrary code when you read it in.
On Mon, Dec 25, 2017 at 7:26 AM, Zelphir Kaltstahl <zelphirkaltst...@gmail.com> wrote: > I wrote some program which uses the `yaml` library to parse some data files. > > > However, this morning, I had an idea. I often read, that XML is sort of a > more verbose form of S-Expressions or that it at least could be replaced by > S-Expressions. So why not use that instead of YAML? Why not simply put the > data into S-Expressions in those files and simply `require` them? > > For example lets say I have some struct: > > ~~~ > (struct Abc (member1 member2)) > ~~~ > > I could simply write in that data file: > > ~~~ > #lang racket > > (provide (all-defined-out)) > > (make-Abc data1 data2) > ~~~ > > This would probably even increase speed, because I'd not have to parse the > thing, but interpret S-Expressions directly. > With the magic of macros, I guess it could be as little text a some YAML > file. Besides, who cares about a few more parentheses anyway. > Oh and I would not have to worry about types, because they are already in > the data file. For example if I want to make a datetime, I'd use the > appropriate S-Expression for doing that immediately or define some function > for it to make it easier to read. > > Is there any downside to this approach, compared to reading some YAML file? > (Why am I even reading a YAML file!) > > -- > You received this message because you are subscribed to the Google Groups > "Racket Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to racket-users+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
