On Thu, Jun 2, 2011 at 10:51, <[email protected]> wrote:

>
> http://gwt-code-reviews.appspot.com/1447812/diff/1/user/src/com/google/gwt/safehtml/shared/UriUtils.java
> File user/src/com/google/gwt/safehtml/shared/UriUtils.java (right):
>
> http://gwt-code-reviews.appspot.com/1447812/diff/1/user/src/com/google/gwt/safehtml/shared/UriUtils.java#newcode209
> user/src/com/google/gwt/safehtml/shared/UriUtils.java:209: * safe!</strong>
> unsafeCastFromUntrustedString() is better. Can we also deprecate the
> method?
>

Sounds good. Should I also deprecate methods that call this method (e.g. Image(String))? That would seem to make sense...

>
> User code should always be able to use one of the other methods. Only
> library code (GWT and libraries based on GWT) has the legacy support
> problem.
>
>
> On 2011/06/02 17:45:16, xtof wrote:
>
>> On 2011/06/02 13:47:05, jlabanca wrote:
>> > This method worries me. When I saw the name, I assumed it was the
>> > equivalent of fromString(). Anyone who looks at the method name
>> > without reading the JavaDoc might assume the same.
>> >
>> > I suggest we remove the method and let users manage unsafe URIs.
>> > That forces the user to make the tough decisions, whether they
>> > sanitize the URI, or call fromTrustedString() even if the URI
>> > isn't trusted.
>>
>> This method is intended for use in places where a string we don't know
>> anything about needs to be turned into a SafeUri in a legacy-API
>> situation. For instance in this CL, the Image class has been refactored
>> to use SafeUri internally. However, it retains the Image(String uri)
>> constructor, which uses this method to turn the string into a SafeUri
>> to call the Image(SafeUri uri) constructor with.
>>
>> I'd prefer that we don't use the fromTrustedString method in those
>> situations: Use of that method is essentially an assertion by the
>> programmer that they can ensure from context that the argument
>> satisfies the SafeUri contract. In the Image(String) case, this is
>> not so.
>>
>> I agree that the name isn't scary enough though.
>>
>> Perhaps, "unsafeCastFromUntrustedString" or something like that?
>
> http://gwt-code-reviews.appspot.com/1447812/

--
http://groups.google.com/group/Google-Web-Toolkit-Contributors
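
The distinction the thread draws between fromString(), fromTrustedString() and the proposed unsafeCastFromUntrustedString(), as an added stand-alone Java sketch that is not part of the original message and not GWT source. The SafeUri and Image classes here are simplified models, and the scheme allowlist and the "#" fallback are assumptions of the sketch.

```java
import java.util.Locale;

// Stand-alone model of the pattern in the thread; not GWT source code.
public class SafeUriSketch {
    /** Contract: the wrapped value is safe to emit in a URL context. */
    static final class SafeUri {
        private final String uri;
        private SafeUri(String uri) { this.uri = uri; }
        String asString() { return uri; }
    }

    // Assumed policy for this sketch: relative references plus a scheme allowlist.
    static boolean isSafe(String uri) {
        int colon = uri.indexOf(':');
        if (colon < 0) return true;                   // no scheme at all
        String head = uri.substring(0, colon);
        if (head.matches(".*[/?#].*")) return true;   // ':' sits in path, query or fragment
        String scheme = head.toLowerCase(Locale.ROOT);
        return scheme.equals("http") || scheme.equals("https") || scheme.equals("mailto");
    }

    /** Validates; an unsafe value is replaced by "#" (assumed fallback). */
    static SafeUri fromString(String s) { return new SafeUri(isSafe(s) ? s : "#"); }

    /** No check: the caller asserts from context that s meets the contract. */
    static SafeUri fromTrustedString(String s) { return new SafeUri(s); }

    /** No check and no assertion: exists only so legacy String APIs keep working. */
    @Deprecated
    static SafeUri unsafeCastFromUntrustedString(String s) { return new SafeUri(s); }

    static final class Image {
        final SafeUri url;
        Image(SafeUri url) { this.url = url; }
        // Legacy constructor: the widget knows nothing about the string it is given.
        Image(String url) { this(unsafeCastFromUntrustedString(url)); }
    }

    public static void main(String[] args) {
        String untrusted = "javascript:void(0)";      // constructed sample input
        // Validating factory: the value is checked before it is wrapped.
        System.out.println(fromString(untrusted).asString());
        // Legacy String constructor: the value is wrapped without any check.
        System.out.println(new Image(untrusted).url.asString());
        // Preferred call site: validate first, then use the SafeUri constructor.
        System.out.println(new Image(fromString(untrusted)).url.asString());
    }
}
```

Searching a code base for callers of the unsafe cast, or of String overloads that delegate to it, gives the list of call sites where the SafeUri contract is not actually enforced.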
