[web-devel] Kick-off discussion: Yesod 0.9
greg at gregweber.info
Wed Jun 1 18:29:03 CEST 2011
The scenario I am considering is if you accidentally leave a form field in
the form/view model that you removed from your view and then use techniques
to automatically assign data back to the model. Obviously I know little of
the F# frameworks :)
On Wed, Jun 1, 2011 at 9:14 AM, Justin Greene <nephesh.chifire at gmail.com>wrote:
> Hi Greg,
> From what I can tell, the form/view model is roughly the same as building
>> up an applicative form. If you build a custom form, you have to declare a
>> field both in your form/view model and in your view, which is the kind of
>> insecure duplication we would like to avoid when possible.
> I am unclear as to what you mean by "insecure". You do have to specify
> where you want your field to render, but there is no chance of someone
> maliciously adding fields to your form, or inserting data into fields that
> you do not specify.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the web-devel