Hi,
What is the recommended procedure to sanitize data from an untrusted
source when parsing with cl-json? What is a sane definition of "safe"
in this context, to begin with? I currently deem the following to be
appropriate: for all variables bound to any string, running without
any side effects, OR running out of memory, but nothing else. For
example, is the following function safe?

    (defun foo (stream)
      (json:with-decoder-simple-list-semantics
        (json:decode-json stream)))

Greetings,
Hraban Luyat