From: Georg Bauhaus <rm.dash-bauhaus@futureapps.de>
Subject: Re: Q: type ... is new String
Date: Mon, 04 Jun 2012 16:58:38 +0200
Date: 2012-06-04T16:58:39+02:00 [thread overview]
Message-ID: <4fcccd1f$0$6583$9b4e6d93@newsspool3.arcor-online.net> (raw)
In-Reply-To: <82defba0-2d39-4418-b678-ebbefeb105d7@x21g2000vbc.googlegroups.com>
On 04.06.12 15:36, Maciej Sobczak wrote:
> I agree that most of the security problems that
> plague the web-development ecosystem could be solved with a proper
> type system and static type-safety.
To illustrate a problem, web programming is almost always confronting
I/O of untyped "text": of implicit, ambiguous, indeterminable,
inconsistent, wrong encoding. There is no perfect way to prevent
exception raising effects, remember that most systems are layered,
and disconnected. Basic AI is needed to make educated guesses about
to the meaning of octet sequences.
Any complaint about malformed output at the other end is likely
justified, but useless: "We *must* have the data. Do your best!"
The best one can do is classify I/O, then read input from sources
marked safe/unsafe, and finally use these data in typed structures.
Any countermeasure must be one of the masses: how can one make the
notion of type checking of web data so popular that it is considered
a must-have?
next prev parent reply other threads:[~2012-06-04 14:58 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-30 16:33 Q: type ... is new String tmoran
2012-05-30 17:04 ` Dmitry A. Kazakov
2012-05-31 7:37 ` Maciej Sobczak
2012-06-04 5:58 ` Yannick Duchêne (Hibou57)
2012-06-04 6:30 ` J-P. Rosen
2012-06-04 7:48 ` Yannick Duchêne (Hibou57)
2012-06-04 8:03 ` Dmitry A. Kazakov
2012-06-04 8:14 ` Yannick Duchêne (Hibou57)
2012-06-04 9:09 ` Dmitry A. Kazakov
2012-06-04 10:35 ` J-P. Rosen
2012-06-04 5:43 ` Yannick Duchêne (Hibou57)
2012-06-04 11:39 ` Brian Drummond
2012-06-04 13:36 ` Maciej Sobczak
2012-06-04 14:58 ` Georg Bauhaus [this message]
2012-06-04 15:14 ` Dmitry A. Kazakov
2012-06-04 16:06 ` Georg Bauhaus
2012-06-04 17:05 ` Dmitry A. Kazakov
2012-06-04 20:28 ` Yannick Duchêne (Hibou57)
2012-06-04 20:56 ` Georg Bauhaus
2012-06-05 7:32 ` Dmitry A. Kazakov
2012-06-05 8:40 ` Georg Bauhaus
2012-06-05 9:06 ` Dmitry A. Kazakov
2012-06-05 12:20 ` Georg Bauhaus
2012-06-05 13:14 ` Dmitry A. Kazakov
2012-06-06 4:09 ` Shark8
2012-06-06 8:52 ` Georg Bauhaus
2012-06-06 23:56 ` Randy Brukardt
2012-06-07 11:15 ` Georg Bauhaus
2012-06-06 23:51 ` Randy Brukardt
2012-06-04 20:33 ` Yannick Duchêne (Hibou57)
2012-06-04 21:27 ` Georg Bauhaus
[not found] ` <m9kqs7hgii13e220b1phm46n43d92tu1pj@invalid.netcom.com>
2012-06-05 6:15 ` Georg Bauhaus
2012-06-05 6:36 ` Yannick Duchêne (Hibou57)
2012-06-06 4:14 ` Shark8
2012-06-07 0:01 ` Randy Brukardt
2012-06-07 0:20 ` Adam Beneschan
2012-06-05 12:05 ` Brian Drummond
2012-06-05 14:43 ` Yannick Duchêne (Hibou57)
2012-06-04 15:54 ` Shark8
2012-06-04 22:01 ` Jeffrey Carter
2012-06-05 12:10 ` Brian Drummond
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox