[langsec-discuss] Langsec advice for implementing a website

Meredith L. Patterson clonearmy at gmail.com
Tue Jun 12 21:13:06 UTC 2012


On Tue, Jun 12, 2012 at 10:55 PM, Joshua Herman <jherma8 at uic.edu> wrote:
> To all:
> Hello, I just joined this email list and I am designing a website in
> Python with bottle.py. Due to my understanding of your talk I have
> considered these design goals:
> 1. All templates are finite state machines. No embedded python code
> can exist other than including other templates or simple conditionals.

Will you be using bottle.py's templating engine, mako, jinja2, or
something else? I haven't looked too closely at any templating engines
other than Django's (which is actually Turing-complete,
http://e6h.de/post/7/) but if you can enforce regularity on your
templates, that's a good start.

Note that conditionals + labels/GOTO is sufficient for
Turing-completeness (it's why sed is Turing-complete), so be careful
how you structure your includes/conditionals.

> 2. Any routing by my controller is a regular expression that I design
> to be regular.

Can you expand on that a bit?

> 3. State is managed through a controller. The controller can have a
> FSM specification.

Awesome. If you can specify it as an FSM, do it. Explicit state
machines are a common way of writing embedded code and I wish more web
applications used them.

As far as other things to think about:

* What sort of inputs does your site expect to receive from users?
* What encodings do these inputs use? (JSON, XML, plain text, FASTA?)
* How will your site recognise and respond to malformed inputs?

Cheers,
--mlp
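
An added illustration, not part of the original message and not code from either correspondent: a controller specified as an explicit finite state machine that recognises each input in full before acting on it, and rejects anything malformed or out of sequence. The states, events and payload patterns are hypothetical, constructed for this example.

```python
import re

# Hypothetical session states and events (constructed for illustration).
# Any (state, event) pair not listed here is not a legal transition.
TRANSITIONS = {
    ("anonymous", "login"): "authenticated",
    ("authenticated", "add_item"): "cart",
    ("cart", "add_item"): "cart",
    ("cart", "checkout"): "paid",
    ("authenticated", "logout"): "anonymous",
    ("cart", "logout"): "anonymous",
    ("paid", "logout"): "anonymous",
}

# One recogniser per event. Each pattern uses only regular constructs
# (no backreferences, no lookaround) and is applied with fullmatch().
PAYLOAD = {
    "login": re.compile(r"[a-z][a-z0-9_]{2,15}"),  # user name
    "add_item": re.compile(r"[0-9]{1,6}"),         # item id, ASCII digits only
    "checkout": re.compile(r""),                   # takes no payload
    "logout": re.compile(r""),                     # takes no payload
}


class Rejected(Exception):
    """Raised when an input is malformed or not allowed in the current state."""


def step(state, event, payload):
    """Return the next state; raise Rejected before any handler could run."""
    recogniser = PAYLOAD.get(event)
    if recogniser is None:
        raise Rejected("unknown event")
    # Recognise the whole payload first; a partial match is a rejection.
    if not isinstance(payload, str) or recogniser.fullmatch(payload) is None:
        raise Rejected("malformed payload")
    nxt = TRANSITIONS.get((state, event))
    if nxt is None:
        raise Rejected("event not allowed in state " + state)
    return nxt


def run(events, state="anonymous"):
    """Drive the machine over a sequence of (event, payload) pairs."""
    for event, payload in events:
        state = step(state, event, payload)
    return state
```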

