Sofer Athlan-Guyot wrote: > Hi all, > > I've got an input from a fellow worker[1]. Basically, transparently > transforming user data in puppet is opening a big can of worms. > > He came up with a rather contrived example, but it's definitively worth > discussing it. > > So in the vncproxy example, if the user does this: > > $vncproxy_host => 'ff02::1:ff00:1:80', > $vncproxy_port => '80' > > thinking that vncproxy_host is set to host 'ff02::1:ff00:1' with port > ":80" (he forgot to add brackets) then the code will transform that to a > valid uri '[ff02::1:ff00:1:80]:80' > > Without the code it would give this 'ff02::1:ff00:1:80:80' which would > fail as it lacks the brackets and is an invalid uri. > > There is no way to make the difference between "wrong ipv6 + port" and > "valid ipv6", so mangling user input can lead to unexpected result. > > I'm going to put the patches on WIP, as maybe, this may not be a good > idea to have user input transformed at all in puppet as all corner cases > cannot be detected. > > The trade-off, of course, is user convenience. > > So what do you think, parse and transform user input or not ? > > [1] thanks Lukas >
Since I was already skeptical and personally shy away from introducing implicit behavior, then you bring up a concrete example of why it might be a bad idea...pretty solidly against the transformation now. To just provided more feedback to the user we could pass the vncproxy_host value through a couple regexes and report a warning, maybe? If not regex match IPv4 and not regex match brackets at beginning and end then tell them it is not valid. -- Cody
signature.asc
Description: OpenPGP digital signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
