On Fri, Nov 22, 2013 at 12:07:00PM -0800, Will Sargent wrote: > I don't really care about Scheme or SXML so much as I care about the > technique of getting away from raw strings, and only using immutable data > with clear semantic meaning -- what the DDD community calls a value object.
Yes, this is the key. SXML is just one of the available tools to achieve a separation between arbitrary strings and the XML/HTML tree. The advantage of having it around as a tree is that you won't be tempted to do regex replace to fixup some markup late in the game, after it's already been built up (I've seen this happen enough to know that saying "you shouldn't do that" isn't very constructive). > I think it's sad that input validation is still at the "tainted bit" > stage. I agree. > I talked a bit about using Scala value classes < > http://docs.scala-lang.org/overviews/core/value-classes.html> as value > objects in http://tersesystems.com/2012/12/16/problems-scala-fixes/. In > particular, the string interpolation technique you mention in your blog > post -- you can do custom code transformations in Scala to turn it into a > StringContext and do safe transformation of data: > http://docs.scala-lang.org/overviews/core/string-interpolation.html This is very nice. It's comparable to the way Haskell's Yesod framework handles a separation between various input and output types. One of the links in my post point to its documentation. > So if I had to talk about practice: > > * Transform untrusted input into value objects on input. > * Don't accept non-value object input in your internal APIs > * Use transformations with implicit type class patterns to do interpolation > to an export format. These are useful rules, and provide a simple answer to the complex problem for programmers who are swamped in work and don't have time to think about this stuff. I think that's something the langsec project should strive for as useful output. Cheers, Peter -- http://www.more-magic.net _______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
