annotate src/settings.sig @ 1710:540df112ff62

Remove string-valued style attribute, which may allow injection attacks
author Adam Chlipala <adam@chlipala.net>
date Sun, 15 Apr 2012 12:40:53 -0400
parents ac141fbb313a
children c414850f206f
rev   line source
adam@1478 1 (* Copyright (c) 2008-2011, Adam Chlipala
adamc@764 2 * All rights reserved.
adamc@764 3 *
adamc@764 4 * Redistribution and use in source and binary forms, with or without
adamc@764 5 * modification, are permitted provided that the following conditions are met:
adamc@764 6 *
adamc@764 7 * - Redistributions of source code must retain the above copyright notice,
adamc@764 8 * this list of conditions and the following disclaimer.
adamc@764 9 * - Redistributions in binary form must reproduce the above copyright notice,
adamc@764 10 * this list of conditions and the following disclaimer in the documentation
adamc@764 11 * and/or other materials provided with the distribution.
adamc@764 12 * - The names of contributors may not be used to endorse or promote products
adamc@764 13 * derived from this software without specific prior written permission.
adamc@764 14 *
adamc@764 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
adamc@764 16 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
adamc@764 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
adamc@764 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
adam@1682 19 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
adamc@764 20 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
adamc@764 21 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
adamc@764 22 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
adamc@764 23 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
adamc@764 24 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
adamc@764 25 * POSSIBILITY OF SUCH DAMAGE.
adamc@764 26 *)
adamc@764 27
adamc@764 28 signature SETTINGS = sig (* Interface to configuration settings: mostly setter/getter pairs plus predicates over configured lists; every setter returns unit *)
adam@1682 29
adamc@866 30 val setDebug : bool -> unit
adamc@866 31 val getDebug : unit -> bool
adam@1682 32
adamc@866 33 val clibFile : string -> string
adamc@866 34
adamc@765 35 (* How do all application URLs begin? *)
adamc@764 36 val setUrlPrefix : string -> unit
adamc@764 37 val getUrlPrefix : unit -> string
adam@1370 38 val getUrlPrePrefix : unit -> string
adam@1637 39 val getUrlPrefixFull : unit -> string
adam@1637 40 (* The full prefix is the value that was set explicitly, while the "pre"
adam@1637 41 * prefix gets the protocol/host/port part and the unqualified prefix gets
adam@1637 42 * the URI. *)
adamc@764 43
adamc@765 44 (* How many seconds should the server wait before assuming a Comet client has left? *)
adamc@764 45 val setTimeout : int -> unit
adamc@764 46 val getTimeout : unit -> int
adamc@764 47
adamc@765 48 (* Which C header files are needed? *)
adamc@764 49 val setHeaders : string list -> unit
adamc@764 50 val getHeaders : unit -> string list
adamc@764 51
adamc@766 52 (* Which extra JavaScript URLs should be included? *)
adamc@766 53 val setScripts : string list -> unit
adamc@766 54 val getScripts : unit -> string list
adamc@766 55
adamc@765 56 type ffi = string * string (* presumably (module name, identifier) -- TODO confirm against the implementation *)
adamc@765 57
adamc@765 58 (* Which FFI types may be sent from clients to servers? *)
adamc@765 59 val setClientToServer : ffi list -> unit
adamc@765 60 val mayClientToServer : ffi -> bool (* NOTE(review): this is a trust-boundary allow-list; the result for a type that was never registered is not visible here -- confirm it is false *)
adamc@765 61
adamc@765 62 (* Which FFI functions have side effects? *)
adamc@765 63 val setEffectful : ffi list -> unit
adamc@765 64 val isEffectful : ffi -> bool
adamc@765 65
adamc@1171 66 (* Which FFI functions should not have their calls removed or reordered, but cause no lasting effects? *)
adamc@1171 67 val setBenignEffectful : ffi list -> unit
adamc@1171 68 val isBenignEffectful : ffi -> bool
adamc@1171 69
adamc@765 70 (* Which FFI functions may only be run in clients? *)
adamc@765 71 val setClientOnly : ffi list -> unit
adamc@765 72 val isClientOnly : ffi -> bool
adamc@765 73
adamc@765 74 (* Which FFI functions may only be run on servers? *)
adamc@765 75 val setServerOnly : ffi list -> unit
adamc@765 76 val isServerOnly : ffi -> bool
adamc@765 77
adamc@765 78 (* Which FFI functions may be run in JavaScript? (JavaScript function names included) *)
adamc@765 79 val setJsFuncs : (ffi * string) list -> unit
adamc@765 80 val jsFunc : ffi -> string option
adam@1433 81 val allJsFuncs : unit -> (ffi * string) list
adamc@765 82
adamc@768 83 datatype pattern_kind = Exact | Prefix
adamc@768 84 datatype action = Allow | Deny
adamc@768 85 type rule = { action : action, kind : pattern_kind, pattern : string } (* one Allow/Deny entry; kind presumably selects whole-string vs. prefix matching of pattern -- confirm *)
adamc@768 86
adamc@768 87 datatype path_kind = Any | Url | Table | Sequence | View | Relation | Cookie | Style (* used as the pkind field of rewrite and as the first argument of the rewrite function below *)
adamc@768 88 type rewrite = { pkind : path_kind, kind : pattern_kind, from : string, to : string }
adamc@768 89
adamc@768 90 (* Rules for rewriting URLs from canonical forms *)
adamc@768 91 val setRewriteRules : rewrite list -> unit
adamc@768 92 val rewrite : path_kind -> string -> string (* takes a path kind and a name, returns a name; what is returned when no rule applies is not shown in this signature *)
adamc@768 93
adamc@769 94 (* Validating URLs and MIME types *)
adamc@769 95 val setUrlRules : rule list -> unit
adamc@770 96 val getUrlRules : unit -> rule list
adamc@769 97 val checkUrl : string -> bool (* NOTE(review): rule precedence and the no-match default are not stated in this signature; confirm the default is deny. If Prefix is a plain string-prefix test, an Allow pattern for an origin should end in "/" so it cannot also match a longer look-alike host name *)
adamc@769 98
adamc@769 99 val setMimeRules : rule list -> unit
adamc@770 100 val getMimeRules : unit -> rule list
adamc@769 101 val checkMime : string -> bool (* NOTE(review): same open question about precedence and no-match default as for the URL rules *)
adamc@769 102
adam@1465 103 val setRequestHeaderRules : rule list -> unit
adam@1465 104 val getRequestHeaderRules : unit -> rule list
adam@1465 105 val checkRequestHeader : string -> bool (* presumably decides which HTTP request headers application code may read -- confirm *)
adam@1465 106
adam@1465 107 val setResponseHeaderRules : rule list -> unit
adam@1465 108 val getResponseHeaderRules : unit -> rule list
adam@1465 109 val checkResponseHeader : string -> bool (* presumably decides which HTTP response headers application code may set -- confirm *)
adam@1465 110
adamc@855 111 (* Web protocols that generated programs may speak *)
adamc@855 112 type protocol = {
adamc@1095 113 name : string, (* Call it this on the command line *)
adamc@1096 114 compile : string, (* Pass these `gcc -c' arguments *)
adamc@1095 115 linkStatic : string, (* Pass these static linker arguments *)
adamc@1095 116 linkDynamic : string,(* Pass these dynamic linker arguments *)
adamc@1164 117 persistent : bool, (* Multiple requests per process? *)
adamc@1164 118 code : unit -> Print.PD.pp_desc (* Extra code to include in C files *)
adamc@855 119 }
adamc@855 120 val addProtocol : protocol -> unit
adamc@856 121 val setProtocol : string -> unit
adamc@855 122 val currentProtocol : unit -> protocol
adamc@855 123
adamc@866 124 (* Different DBMSes *)
adamc@867 125 datatype sql_type =
adamc@867 126 Int
adamc@867 127 | Float
adamc@867 128 | String
adamc@1011 129 | Char
adamc@867 130 | Bool
adamc@867 131 | Time
adamc@867 132 | Blob
adamc@867 133 | Channel
adamc@867 134 | Client
adamc@867 135 | Nullable of sql_type
adamc@867 136
adamc@873 137 val p_sql_ctype : sql_type -> string
adamc@867 138 val isBlob : sql_type -> bool
adamc@870 139 val isNotNull : sql_type -> bool
adamc@867 140
adam@1293 141 datatype failure_mode = Error | None (* passed to dml and dmlPrepared below; None is a constructor of this datatype, distinct from the option constructor NONE *)
adam@1293 142
adamc@866 143 type dbms = {
adamc@866 144 name : string,
adamc@866 145 (* Call it this on the command line *)
adam@1682 146 randomFunction : string,
adam@1682 147 (* DBMS's name for random number-generating function *)
adamc@866 148 header : string,
adamc@866 149 (* Include this C header file *)
adamc@866 150 link : string,
adamc@866 151 (* Pass these linker arguments *)
adamc@873 152 p_sql_type : sql_type -> string,
adamc@870 153 init : {dbstring : string,
adamc@870 154 prepared : (string * int) list,
adamc@870 155 tables : (string * (string * sql_type) list) list,
adamc@872 156 views : (string * (string * sql_type) list) list,
adamc@870 157 sequences : string list} -> Print.PD.pp_desc,
adamc@874 158 (* Define uw_client_init(), uw_db_init(), uw_db_close(), uw_db_begin(), uw_db_commit(), and uw_db_rollback() *)
adamc@873 159 query : {loc : ErrorMsg.span, cols : sql_type list,
adamc@880 160 doCols : ({loc : ErrorMsg.span, wontLeakStrings : bool, col : int, typ : sql_type} -> Print.PD.pp_desc)
adamc@867 161 -> Print.PD.pp_desc}
adamc@867 162 -> Print.PD.pp_desc,
adamc@867 163 queryPrepared : {loc : ErrorMsg.span, id : int, query : string,
adamc@873 164 inputs : sql_type list, cols : sql_type list,
adamc@880 165 doCols : ({loc : ErrorMsg.span, wontLeakStrings : bool, col : int,
adamc@880 166 typ : sql_type} -> Print.PD.pp_desc)
adamc@879 167 -> Print.PD.pp_desc,
adamc@879 168 nested : bool}
adamc@868 169 -> Print.PD.pp_desc,
adam@1293 170 dml : ErrorMsg.span * failure_mode -> Print.PD.pp_desc,
adamc@868 171 dmlPrepared : {loc : ErrorMsg.span, id : int, dml : string,
adam@1293 172 inputs : sql_type list, mode : failure_mode} -> Print.PD.pp_desc,
adamc@878 173 nextval : {loc : ErrorMsg.span, seqE : Print.PD.pp_desc, seqName : string option} -> Print.PD.pp_desc,
adamc@874 174 nextvalPrepared : {loc : ErrorMsg.span, id : int, query : string} -> Print.PD.pp_desc,
adamc@1073 175 setval : {loc : ErrorMsg.span, seqE : Print.PD.pp_desc, count : Print.PD.pp_desc} -> Print.PD.pp_desc,
adamc@874 176 sqlifyString : string -> string, (* presumably renders a string as a SQL literal for this DBMS; quoting rules differ per DBMS, so each backend's version needs its own review -- TODO confirm *)
adamc@874 177 p_cast : string * sql_type -> string,
adamc@874 178 p_blank : int * sql_type -> string (* Prepared statement input *),
adamc@877 179 supportsDeleteAs : bool,
adamc@886 180 supportsUpdateAs : bool,
adamc@877 181 createSequence : string -> string,
adamc@878 182 textKeysNeedLengths : bool,
adamc@879 183 supportsNextval : bool,
adamc@882 184 supportsNestedPrepared : bool,
adamc@890 185 sqlPrefix : string,
adamc@1014 186 supportsOctetLength : bool,
adamc@1014 187 trueString : string,
adamc@1196 188 falseString : string,
adamc@1196 189 onlyUnion : bool,
adamc@1196 190 nestedRelops : bool
adamc@866 191 }
adamc@857 192
adamc@866 193 val addDbms : dbms -> unit
adamc@866 194 val setDbms : string -> unit
adamc@866 195 val currentDbms : unit -> dbms
adamc@858 196
adamc@891 197 val setDbstring : string option -> unit (* NOTE(review): a dbstring is also an input to the init field of dbms, which returns generated code; if the connection string carries credentials they presumably end up in that output -- confirm and handle build artifacts accordingly *)
adamc@891 198 val getDbstring : unit -> string option
adamc@891 199
adamc@891 200 val setExe : string option -> unit
adamc@891 201 val getExe : unit -> string option
adamc@891 202
adamc@891 203 val setSql : string option -> unit
adamc@891 204 val getSql : unit -> string option
adamc@891 205
adamc@1016 206 val setCoreInline : int -> unit
adamc@1016 207 val getCoreInline : unit -> int
adamc@1016 208
adamc@1016 209 val setMonoInline : int -> unit
adamc@1016 210 val getMonoInline : unit -> int
adamc@1016 211
adamc@1095 212 val setStaticLinking : bool -> unit
adamc@1095 213 val getStaticLinking : unit -> bool
adamc@1095 214
adamc@1114 215 val setDeadlines : bool -> unit
adamc@1114 216 val getDeadlines : unit -> bool
adamc@1114 217
adamc@1164 218 val setSigFile : string option -> unit
adamc@1164 219 val getSigFile : unit -> string option
adamc@1164 220
adamc@1183 221 (* Which GET-able functions should be allowed to have side effects? *)
adamc@1183 222 val setSafeGets : string list -> unit
adamc@1183 223 val isSafeGet : string -> bool (* NOTE(review): GET requests can be triggered cross-site, so every name on this list is an exception worth auditing *)
adamc@1183 224
adam@1294 225 val setOnError : (string * string list * string) option -> unit (* NOTE(review): the meaning of the three components is not documented in this signature -- see the implementation *)
adam@1294 226 val getOnError : unit -> (string * string list * string) option
adam@1307 227
adam@1307 228 val addLimit : string * int -> unit
adam@1307 229 val limits : unit -> (string * int) list
adam@1332 230
adam@1332 231 val setMinHeap : int -> unit
adam@1332 232 val getMinHeap : unit -> int
adam@1393 233
adam@1393 234 val addAlwaysInline : string -> unit
adam@1393 235 val checkAlwaysInline : string -> bool
adam@1478 236
adam@1478 237 val addNoXsrfProtection : string -> unit (* presumably registers a name that is exempted from XSRF protection -- confirm; each entry is a deliberate security exception and should be justified where it is configured *)
adam@1478 238 val checkNoXsrfProtection : string -> bool (* presumably true when the name was registered with addNoXsrfProtection -- confirm *)
adam@1629 239
adam@1629 240 val setTimeFormat : string -> unit
adam@1629 241 val getTimeFormat : unit -> string
adamc@764 242 end