[langsec-discuss] Test cases in the same language as the application being tested

Nils Dagsson Moskopp nils at dieweltistgarnichtso.net
Sun Dec 11 21:40:22 UTC 2016


Recently, I wanted to write a test case that I was sure would lead to an
error in the application. Yet, I could not, as the testing framework was
written in the same programming language as the application, lacking the
expressiveness needed for the test case. Then that thing happened again.

Example: Mocking requests that contain U+2028 or U+2029 from JavaScript.
Those characters are valid in JSON, but not in JavaScript … if your test
framework is written in JavaScript, how do you even mock these requests?

I believe there might be some lesson about the power of languages hidden
in my experience, but I am not sure what exactly it would be. It reminds
me of Kerningham's lever (The Elements of Programming Style, Chapter 2):

> Everyone knows that debugging is twice as hard as writing a program in
> the first place. So if you're as clever as you can be when you write
> it, how will you ever debug it?

Greetings,
-- 
Nils Dagsson Moskopp // erlehmann
<http://dieweltistgarnichtso.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20161211/45b386ea/attachment.sig>


More information about the langsec-discuss mailing list