Mercurial > urweb
annotate tests/policy2.ur @ 2297:6d56080f495c
Fix a read-after-free bug using a timestamp check
author | Adam Chlipala <adam@chlipala.net> |
---|---|
date | Thu, 19 Nov 2015 13:18:58 -0500 |
parents | d5ecceb7d1a1 |
children |
rev | line source |
---|---|
adamc@1236 | 1 type fruit = int |
adamc@1236 | 2 table fruit : { Id : fruit, Nam : string, Weight : float, Secret : string } |
adamc@1236 | 3 PRIMARY KEY Id, |
adamc@1236 | 4 CONSTRAINT Nam UNIQUE Nam |
adamc@1236 | 5 |
adamc@1236 | 6 (* Everyone may knows IDs and names. *) |
adamc@1236 | 7 policy sendClient (SELECT fruit.Id, fruit.Nam |
adamc@1236 | 8 FROM fruit) |
adamc@1236 | 9 |
adamc@1236 | 10 (* The weight is sensitive information; you must know the secret. *) |
adamc@1236 | 11 policy sendClient (SELECT fruit.Weight, fruit.Secret |
adamc@1236 | 12 FROM fruit |
adamc@1236 | 13 WHERE known(fruit.Secret)) |
adamc@1236 | 14 |
adamc@1236 | 15 fun main () = |
adamc@1236 | 16 x1 <- queryX (SELECT fruit.Id, fruit.Nam |
adamc@1236 | 17 FROM fruit |
adamc@1236 | 18 WHERE fruit.Nam = "apple") |
adamc@1236 | 19 (fn x => <xml><li>{[x.Fruit.Id]}: {[x.Fruit.Nam]}</li></xml>); |
adamc@1236 | 20 return <xml><body> |
adamc@1236 | 21 <ul>{x1}</ul> |
adamc@1236 | 22 </body></xml> |