+1 - validation can also be necessary on dataimport through services, to have a default integration of this service in the default Post Handler is IMHO a mandatory but not stricktly bound extension to this service.
Dominik On Mon, Jul 8, 2013 at 12:19 PM, Carsten Ziegeler <[email protected]>wrote: > Even if there is processing overhead - and I think this is really minimal > compared to persisting the data - storing unvalidated and therefore maybe > wrong data might haver a much higher impact on the application. > > And I totally agree, this needs to be configurable (controllable) - but > limiting this to the post servlet is way too restrictive. > > Carsten > > > 2013/7/8 Alexander Klimetschek <[email protected]> > > > On 04.07.2013, at 14:56, Carsten Ziegeler <[email protected]> wrote: > > > > > Adding this - maybe as an optional service - into the resource resolver > > > makes it also impossible to bypass validation - the validation is > always > > > done regardless whether the changes are done through the post servlet, > > any > > > other servlet, or some server side code running in the background. > > > > We should be careful with the imposed new processing overhead of this. > > There needs to be control over it, and IMO an active whitelisting for > which > > validators (i.e. resource types) this would happen and when. And the > > simplest way to do that is to have custom application code call the > > validation service (one-liner) themselves and do it automatically only in > > the post servlet (but also with an option to enable/disable individual > > validators). > > > > Cheers, > > Alex > > > > > -- > Carsten Ziegeler > [email protected] >
