On 10 April 2011 12:33, Ken Wesson <kwess...@gmail.com> wrote: > I thought you were the one who wanted the strings moved out to a data > structure that could be swapped with localized versions? :)
Not really. I just want the error messages to be independent of the predicates. In essence, I'm looking for a solution with two properties: 1. Non-compound (i.e. simple) 2. Readable By adding error messages to predicates, we tightly couple the validation error with the predicate, which in general is considered bad. However, this might be a valid compromise, but only if it improves readability. >> My perception of validations is that they are a contract that a >> particular map of data has to conform to. I don't like the idea of >> encouraging people to think in terms of "allow by default", as that's >> not considered good security practise. > > On the contrary, if you don't think carefully about each specific > thing that could cause a problem and forbid that thing, you can end up > accidentally allowing corner cases that break the security model. If > you work backwards from the security model to derive a set of > constraints, though, those constraints are often mostly "shalt-nots". I don't really understand what you're saying here. Do you disagree that "deny by default" is more secure in general than "allow by default"? - James -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
