Mercurial > urweb
view tests/cookieSec.ur @ 2297:6d56080f495c
Fix a read-after-free bug using a timestamp check
author | Adam Chlipala <adam@chlipala.net> |
---|---|
date | Thu, 19 Nov 2015 13:18:58 -0500 |
parents | f2a2be93331c |
children |
line wrap: on
line source
table t : {Id : int} cookie c : int fun setter r = setCookie c (readError r.Id); return <xml>Done</xml> fun writer () = ido <- getCookie c; case ido of None => error <xml>No cookie</xml> | Some id => dml (INSERT INTO t (Id) VALUES ({[id]})); return <xml>Done</xml> fun main () = return <xml><body> <form> <textbox{#Id}/> <submit value="Get cookie" action={setter}/> </form> <form> <submit value="Write to database" action={writer}/> </form> </body></xml>