Devin Mullins me at twifkak.com
Mon Oct 13 03:30:17 EDT 2008

On Mon, Oct 13, 2008 at 08:43:48AM +0200, apfelmus wrote:
> Yes. "Just" an injection problem is an understatement. And it's the
> implementation of the abstract data type that determines how fast things
> are. Who said that it may not simply be a newtyped String?

I think the attraction to the SafeString example is that it's simple and
effective for the task at hand -- in other words, pragmatic. Suggesting
that in order to avoid HTML injection people re-read the HTML spec and
invent a complete ADT to represent all the little corner cases they
probably won't ever use is exactly the kind of answer that would scare
Joe Six-Pack Hockey Programmer away.

