-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ability to specify a custom cursor module #9
base: main
Are you sure you want to change the base?
Conversation
Hi @cdunn, Thanks for the PR. I'm on the fence about this one.
I'll look into it a bit more on my side. Maybe there's a way to do this without using |
I suppose the alternative could be typechecking the decoded values against the db columns but that might get a little messy. The example issues that come to mind:
I'm mostly concerned about 1 and 2, so I need to do a little more research on potential issues of blinding passing user input into ecto and come up with some specifics. I'm mostly just thinking of all the past issues with ActiveRecord in Rails and all the sec issues with converting JSON/YAML from user input. I like the idea of encrypting by default but it does add a bit to the setup and I definitely see how depending on the use case, these could be acceptable levels of risk for the application. |
Hi @cdunn, hope you are well. Sorry for being slow to come back to you on this on, last few days have been hectic. I'll have a deeper look at it this week. |
Hi! Is this PR something worth revisiting? |
Seems like it might be best practices (at least in certain circumstances where cursor fields are private) to allow encryption of the cursor via a custom cursor module.
Appears there are valid reasons not to directly
binary_to_term
external input. Also not clear on whether there are any ecto related exploits of specially crafted cursors terms (rails has made me paranoid about nested maps and such) so would be useful to guarantee it is tamper resistant.I haven't done a tremendous amount of elixir so lmk what you think about the concept and any thoughts on the implementation.
Reference:
Plug.Session.COOKIE
Plug.Crypto.safe_binary_to_term