annotate tests/cookieJsec.ur @ 2297:6d56080f495c

Fix a read-after-free bug using a timestamp check
author Adam Chlipala <adam@chlipala.net>
date Thu, 19 Nov 2015 13:18:58 -0500
parents 796e42c93c48
children
rev   line source
adamc@736 1 table t : {Id : int}
adamc@736 2
adamc@736 3 cookie c : int
adamc@736 4
adamc@736 5 fun setter r =
adamc@736 6 setCookie c (readError r.Id);
adamc@736 7 return <xml>Done</xml>
adamc@736 8
adamc@736 9 fun writer () =
adamc@736 10 ido <- getCookie c;
adamc@736 11 case ido of
adamc@736 12 None => error <xml>No cookie</xml>
adamc@736 13 | Some id => dml (INSERT INTO t (Id) VALUES ({[id]}))
adamc@736 14
adamc@736 15 fun preWriter () = return <xml><body onload={onConnectFail (alert "RPC error")}>
adamc@736 16 <button onclick={writer ()} value="Write to database"/>
adamc@736 17
adamc@736 18 <a link={main ()}>Back</a>
adamc@736 19 </body></xml>
adamc@736 20
adamc@736 21 and main () = return <xml><body>
adamc@736 22 <form>
adamc@736 23 <textbox{#Id}/> <submit value="Get cookie" action={setter}/>
adamc@736 24 </form>
adamc@736 25
adamc@736 26 <form><submit action={preWriter} value="Prepare to write to database"/></form>
adamc@736 27 </body></xml>