After watching Aaron Bedra's Clojure web security talk, I began to think about whether Scala, being another popular JVM language, had some of the same issues with vulnerability as Clojure. I went to the Lift framework overview page (http://liftweb.net/lift_overview) and was surprised to find that half of their pitch was on the basis of security and they attributed a lot of their success in that area to pattern matching:
Using Scala's built-in pattern matching, we match an incoming request, > extract the third part of the path and get the User that corresponds to > that value, and even apply access control checks (does the current session > or request have permissions to access the given User record). So, by the > time the User instance hits the application logic, it's vetted. > ... Lift has a tremendous advantage in terms of security. This got me curious: can Clojure accomplish the same thing using destructuring or possibly core.match? Also, is security always a matter of individual developer responsibility or can we blame a lack of support in the technologies, themselves, that do not allow novice app makers (like myself), to somehow default to secure? -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
