[Haskell-cafe] What is the maturity of Haskell Web Frameworks

Brandon S. Allbery KF8NH allbery at ece.cmu.edu
Thu Jun 5 00:14:25 EDT 2008

On 2008 Jun 4, at 22:30, Paul L wrote:

> The server is then very much like a VM or an interpreter of an
> embedded language, with execution stacks entirely encoded and stored
> in each HTML page sent to the user and back from the user as an
> encoded URL or form data. So the server is entirely stateless.

Mmm, if any of that HTML-stored state is sensitive server information,  
this becomes a problem. (E.g. can I trick your application into  
thinking I'm an admin and then go starting/stopping processes,  
changing passwords. etc.?)  You need to use extra care if anything  
sensitive is put where the client can munge it.

brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery at kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery at ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH

More information about the Haskell-Cafe mailing list