cprop
cprop copied to clipboard
Optional :strings-only restriction
There is a valid security concern to read configuration as EDN:
what if someone injects bad EDN that would steal all the money?
While in most cases it won't be a problem, in some cases, for example where apps eval
pieces of configuration, it could be risky to "leave the door open".
Add an optional :strings-only
restriction, which would read everything as strings, while still enjoying the hierarchy of EDN.