undefined | Better HN

0 pointsiteriteratedone8y ago0 comments

Sorry cant drop this one yet

My comment is not a joke but a challenge to the parent ... that they are wrong

Yes whitelist are safer ... but whitelists can be cumbersome to generate/maintain and slow you down at runtime ...

On reddit let this slide , but here we have to correct the flawed thinking.

You cant run from engineering problems without consequece

So now we have graduated to course 202: how to make a blacklist safe?

Check context, and restrict access

0 comments

hug8y ago

If it's not a joke, it's at least an exercise in absurdity.

I wrote a regex that would allow things that aren't facebook, and then you said "No, you're not allowing things that aren't facebook, you're not allowing things that don't match not being facebook".

If it's not a white-list, it's at least an opposite-of-black-list.

Nadya8y ago

>Check context, and restrict access

But then why do you need the blacklist?

I refer to this post by vec: https://news.ycombinator.com/item?id=16208419

If you think you need a blacklist you should probably be using a whitelist. If your problem can't be solved with a whitelist then it's probably better solved in a way that doesn't involve a blacklist or a whitelist.

j / k navigate · click thread line to collapse