rdf_sandbox.pl -- Declare RDF API sandbox-safe
This module provides clauses for the multifile predicate
sandbox:safe_primitive/1 defined in library(sandbox) that make all
predicates of the RDF API that have no permanent side effects safe. To
have an affect, this module must be loaded after the modules it
declares safe. Thus, when using the sequence below,
rdf11 is safe,
sparql_client is not (unless sparql_client was already loaded
before this sequence).
:- use_module(library(semweb/rdf11)). % safe :- use_module(library(semweb/rdf_sandbox)). :- use_module(library(semweb/sparql_client)). % Not safe
Normally, sandbox declarations live in the module in which the safe predicates are defined, so we are sure we are making declarations about this specific version of a predicate. For RDF we decoupled the sandbox declarations from the implementation because although rdf/3 is technically safe to use (calling it has no side effects), it may make information accessible that is not supposed to be.
Loading this library makes all side-effect-free predicates considered safe. If some of your RDF needs to remain hidden, you should not load this file and instead use your own version that project your data. The example below defines a wrapper around rdf/4 that provides safe access to certain graphs.
permission_error(access, graph, G).
:- multifile sandbox:safe_primitive/1.