Typeable . Haskell, , โ ? «», , , , Haskell โ - โ , . , Typeable , , .
, , , , . , , . .
, . « » « ».
. , , , . « », 2000- - . « ?». , 2009-2010 , , , « » . , « ». .
, . . . , โ , . , , , , .
, , . , .
. ? โ , ../../../etc/nginx/nginx.conf
, ../../../etc/passwd/
, , .
. , - , , , .
, . ? , , ?
. , , Haskell, C# Java, , , . . , , , (path traversal), - .
Haskell โ
, Haskell . -, Haskell , , , . -, Haskell , , , PHP:
// From imaginary CSRF token protection:
if ($tokenHash == $hashFromInternet->{'tokenHash'}) {
    echo "200 OK - Request accepted", PHP_EOL;
} else {
    echo "403 DENIED - Bad CSRF token", PHP_EOL;
}
, ? , PHP, «» JSON . , - «» , , . , PHP , ==
, , .
Java ( , . https://frohoff.github.io/appseccali-marshalling-pickles/). Java . , ! , โ โ , .
, PHP Haskell, Haskell . Haskell, :
data Request = Request {csrfToken :: Token, ... other fields}

doSomething :: Session -> Request -> Handler ()
doSomething session request
  | csrfToken session == csrfToken request = ... do something
  | otherwise = throwM BadCsrfTokenError
โ , .
Haskell โ
«» «» , Haskell , , , .
, Haskell , C, Javascript Java. -. , . , .
. , , , , , , :
data SSN = Unknown | Redacted | SSN Text
""
, "<REDACTED>"
"191091C211A"
. , "<REDACTED>" SSN? ? Haskell .
. โ
storeFileUpload :: Path Abs File -> ByteString -> IO ()
storeFileUpload path = ...
, , , . , , . , , , HTML, .
, , , Haskell . , Haskell , .
Haskell
, . . . , , . .
Haskell , Haskell . Haskell , . Haskell, , . , , Haskell, - , , .
. Haskell , , Haskell , Javascript Python.
, Haskell , , . , , , . , , Haskell. , , , Haskell .