X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/7090df68161b4ed1c86e5adde7800d9049c47433..46fa6b8a21e141c73c95300537d7e71d545d6e25:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 6be4b48e7..ccfa4424a 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -8096,7 +8096,7 @@ option, you can still update it by a query of this form: ${lookup pgsql,servers=master/db/name/pw {UPDATE ...} } .endd -An older syntax places the servers speciification before the qury, +An older syntax places the servers specification before the query, semicolon separated: .code ${lookup mysql{servers=master; UPDATE ...} } @@ -9453,10 +9453,22 @@ the data type. ACL rules always expand strings. A couple of expansion conditions do not expand some of the brace-delimited branches, for security reasons, .cindex "tainted data" expansion +.cindex "tainted data" definition .cindex expansion "tainted data" and expansion of data deriving from the sender (&"tainted data"&) is not permitted. +.new +Common ways of obtaining untainted equivalents of variables with +tainted values +.cindex "tainted data" "de-tainting" +come down to using the tainted value as a lookup key in a trusted database. +This database could be the filestem structure, +or the password file, +or accessed via a DBMS. +Specific methods are indexed under &"de-tainting"&. +.wen + .section "Literal text in expanded strings" "SECTlittext" @@ -10169,9 +10181,9 @@ You can use &`fail`& instead of {<&'string3'&>} as in a string extract. .new -.vitem &*${listquote{*&<&'separator'&>&*}{*&<&'string'&>&*}}*" -.citem quoting "for list" -.citem list quoting +.vitem &*${listquote{*&<&'separator'&>&*}{*&<&'string'&>&*}}*& +.cindex quoting "for list" +.cindex list quoting This item doubles any occurrence of the separator character in the given string. An empty string is replaced with a single space.
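Review bot: The added line "This database could be the filestem structure," in the hunk at @@ -9453,10 +9453,22 @@ has a typo and should read "filesystem structure". In the same paragraph, the sentence "Specific methods are indexed under &"de-tainting"&." points readers at an index term, but the only entry added here is `.cindex "tainted data" "de-tainting"`, which files de-tainting as a secondary term under "tainted data". Either word the sentence to name that primary term or add a primary de-tainting entry, so that someone following the pointer from this security-relevant paragraph lands on the methods. The `.cindex` line also sits in the middle of the sentence, between "tainted values" and "come down to"; moving it above "Common ways of obtaining" would keep the source sentence readable.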