[langsec-discuss] Enforcing validation layer with types

Will Sargent will.sargent at gmail.com
Fri Dec 21 21:54:23 UTC 2012


On Mon, Dec 17, 2012 at 10:18 PM, munin <munin at mimisbrunnr.net> wrote:
> I found FP after doing systems programming for many years. This semester I went back into doing a lot of C systems programming and greatly missed the type system of a strong, statically typed functional language!
>
> I don't do any web programming or untrusted input processing in OCaml, but it seems like you could naturally express a thought like this by having a separate type for any input data, and then a separate type for any trusted function input. The type system wouldn't let you directly source data through, so you would essentially have:

It looks similar, but in practice UntrustedInput is going to be the
"blind type" that's given to you by the framework, so you only really
need the validated types yourself.

> A lot of OCaml APIs avoid the "blind string" and "blind int" and the language seems to make it easy to provide rich semantic meaning to types. I don't do any web programming though …

It's funny how much of this is old hat to Haskell programmers.
There's one guy who said the list read like a "design intro to Haskell
programming"...

http://www.reddit.com/r/programming/comments/152186/problems_scala_fixes/c7ik9pe

Frankly I think a bunch of web programming is overblown -- a good web
framework should be able to render web pages, handle cookies, collect
form information, and be able to do longpoll / websocket streaming for
you.  Everything else (ORM, Email, etc.) should be encapsulated and
passed through an API to something that doesn't care where it came
from.  TL;DR -- anything called a web framework should only be dealing
with DTOs and transient data.

Will.
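
The arrangement discussed in this message, a framework-supplied "blind" input type plus application-defined validated types, sketched in Rust as an added example that is not part of the original email. All names (UntrustedInput, Username, greeting, raw_for_validation) and the username rules are assumptions made for illustration.

```rust
// Added example; all names (UntrustedInput, Username, greeting) are hypothetical.
mod framework {
    /// The "blind type" the framework hands to application code.
    pub struct UntrustedInput(String);
    impl UntrustedInput {
        /// Stand-in for the framework reading a form field (constructed input).
        pub fn from_request(raw: &str) -> Self { UntrustedInput(raw.to_string()) }
        /// Sole accessor, named so that every use stands out in review.
        pub fn raw_for_validation(&self) -> &str { &self.0 }
    }
}

mod validated {
    use super::framework::UntrustedInput;

    #[derive(Debug, PartialEq)]
    pub enum ValidationError { Empty, TooLong, BadChar(char) }

    /// Private field: outside this module, `parse` is the only constructor.
    #[derive(Debug)]
    pub struct Username(String);
    impl Username {
        pub fn parse(input: &UntrustedInput) -> Result<Self, ValidationError> {
            let s = input.raw_for_validation();
            if s.is_empty() { return Err(ValidationError::Empty); }
            if s.chars().count() > 32 { return Err(ValidationError::TooLong); }
            match s.chars().find(|c| !(c.is_ascii_alphanumeric() || *c == '_')) {
                Some(c) => Err(ValidationError::BadChar(c)),
                None => Ok(Username(s.to_string())),
            }
        }
        pub fn as_str(&self) -> &str { &self.0 }
    }
}

use framework::UntrustedInput;
use validated::Username;

// Trusted code takes only the validated type; passing an UntrustedInput or a
// bare &str here is a compile error, so the validation step cannot be skipped.
fn greeting(user: &Username) -> String {
    format!("<p>Hello, {}</p>", user.as_str())
}

fn main() {
    let ok = UntrustedInput::from_request("will_s");
    println!("{}", greeting(&Username::parse(&ok).unwrap()));
    let bad = UntrustedInput::from_request("<script>");
    println!("{:?}", Username::parse(&bad).unwrap_err());
}
```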

