[web-devel] Kick-off discussion: Yesod 0.9

Greg Weber greg at gregweber.info
Wed Jun 1 18:29:03 CEST 2011


The scenario I am considering is if you accidentally leave a form field in
the form/view model that you removed from your view and then use techniques
to automatically assign data back to the model. Obviously I know little of
the F# frameworks :)

On Wed, Jun 1, 2011 at 9:14 AM, Justin Greene <nephesh.chifire at gmail.com>wrote:

> Hi Greg,
>
>
> From what I can tell, the form/view model is roughly the same as building
>> up an applicative form. If you build a custom form, you have to declare a
>> field both in your form/view model and in your view, which is the kind of
>> insecure duplication we would like to avoid when possible.
>>
>
> I am unclear as to what you mean by "insecure".  You do have to specify
> where you want your field to render, but there is no chance of someone
> maliciously adding fields to your form, or inserting data into fields that
> you do not specify.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/web-devel/attachments/20110601/7328d634/attachment.htm>


More information about the web-devel mailing list