On Thursday, 6 February 2014 at 21:38:03 UTC, Dicebot wrote:
Hardly so. Any exception allocation can trigger GC collection cycle and Phobos does not provide any other way to handle data errors. Any application that operates on some external user input will be subject to DoS attack vector if it uses Phobos directly.
Thinking about this more it'd probably be a good idea to use the type system to segregate non-validated user input from the rest of your program. UnvalidatedString or something. UnvalidatedString.validate() returns a string you can then use in the regular fashion. That way unvalidated data can't weasel its way into the trusted portion of your program without getting checked first. Anyway, that's just an idea (and getting further and further off topic).
