Hi,
First of all, I am very glad that the work on the specification is being
continued now. This week I quickly updated my implementation to match
the new specification. Merging import and export into a single global
command is a good choice. The use of a global variable namespace is also
a good idea (but I did not implement that yet).
During implementation I collected some remarks and questions:
- Where the ManageSieve protocol specifies what characters are allowed
for a script name, the include extension for the Sieve language does
not. Would it be useful to adopt the same limitations? Especially things
like '/' can cause problems.
- For the global command I would expect text stating that the variables
extension is required when it is used.
- The global command is required to follow 'require' or another global
command. I am worried what happens when other extensions have commands
with similar requirements. Shouldn't we account for this eventuality?
- Are there any special security implications for using variables in the
value argument in the include command, i.e. to include a script
specified by a variable? Is that even (intended to be) allowed?
- The scope of the :once modifier could be a bit confusing. I am
assuming it holds for the whole Sieve execution and not only for the
identical include commands within the current script.
- Take a good look at the examples: they have small typos and syntax
problems:
* page 6; spam_tests: reject command has mandatory message argument
* page 7; spam_tests: reject command has mandatory message argument
* page 8; active script: test-mailbox is not a valid variable name
* page 8; active script: missing require for relational extension
* page 9; active scropt: :count match type needs an argument, e.g.
"eq"
* page 9; active script: "spam-${test}; <- missing "
Please let me know what you think.
Regards,
--
Stephan Bosch
stephan(_at_)rename-it(_dot_)nl