Hi Lester,

On Fri, Sep 2, 2016 at 5:42 PM, Lester Caine <les...@lsces.co.uk> wrote:
> On 02/09/16 01:25, Yasuo Ohgaki wrote:
>> I don't understand why a new validator would cause more problems than
>> it solves. If users validate all inputs (e.g. request headers, cookies,
>> all of post/get tampering), apps become much more secure. This task
>> does not belong to business (app) logic. Even when users use the
>> validator in a non-optimal way, it will improve security.
>
> The whole problem with that statement is at what point do you
> distinguish between an input being invalid because it does not meet some
> validation such as bigger than X for 'validation' reasons rather than
> 'business logic' reasons. STILL in my book, it's the business logic that
> defines the base validation but I don't need DbC as a straitjacket to
> define that. Adding additional 'woolly' validation checks around the
> base validation is a pointless exercise if the rules of the base
> validation are available to use.

Security-purpose input validation (mainly injection prevention) differs
from what business logic does. Business logic should focus on logical
correctness, while input validation should focus on security.

I've audited a number of MVC applications and have to admit that input
validations in models are _poor_. Besides the fact that input validation
should be done ASAP, model validation is very poor in many cases, i.e.
not good enough for security purposes.

This is _natural_, because what business logic should take care of is
"logic", not what data should look like, whether data has the correct
encoding, making sure request headers/cookies/post/get are not tampered
with, etc. Taking care of tampered data in business logic will reduce
both readability and maintainability. And, more importantly, it makes
code less secure, because programmers tend to focus on logic in the
model, not on input data validation.

Validation in the model being less secure is proven already. It is not a
surprise, since the model is for "business logic". (If the app's
requirements are OK with validation in the model, it's OK to design it
so. Not all apps need to have ideal secure coding.)

Why shouldn't we have more secure validation?

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
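
The two layers discussed in this message, as an added example that is not part of the original e-mail or of any PHP proposal: a boundary check that refuses malformed or tampered input before application code runs, and a separate business rule of the "bigger than X" kind. The spec format, the function names `validate_boundary` and `place_order`, and the sample requests are hypothetical.

```php
<?php
declare(strict_types=1);
// Hypothetical boundary spec: input name => [max byte length, allowed pattern].
const POST_SPEC = [
    'item_id'  => [10,  '/\A[1-9][0-9]*\z/'],
    'quantity' => [4,   '/\A[1-9][0-9]*\z/'],
    'note'     => [200, '/\A[^\x00-\x08\x0B\x0C\x0E-\x1F\x7F]*\z/u'],
];

// Boundary (security) validation: shape, type, length, encoding. No business rules.
function validate_boundary(array $spec, array $input): array
{
    if (array_diff_key($input, $spec)) {
        throw new UnexpectedValueException('unexpected input name');
    }
    $clean = [];
    foreach ($spec as $name => [$maxLen, $pattern]) {
        $value = $input[$name] ?? null;
        if (!is_string($value)                      // e.g. quantity[]=3 arrives as an array
            || strlen($value) > $maxLen
            || !mb_check_encoding($value, 'UTF-8')
            || preg_match($pattern, $value) !== 1) {
            throw new UnexpectedValueException("invalid input: $name");
        }
        $clean[$name] = $value;
    }
    return $clean;
}

// Business rule (model): assumes well-formed input and checks only the logic.
function place_order(int $quantity, int $inStock): string
{
    return $quantity > $inStock ? 'rejected: not enough stock' : 'accepted';
}

// Constructed sample requests, not taken from any real application.
$samples = [
    ['item_id' => '42', 'quantity' => '3',   'note' => 'gift wrap'],
    ['item_id' => '42', 'quantity' => '900', 'note' => ''],             // well-formed, fails the business rule
    ['item_id' => '42', 'quantity' => ['3'], 'note' => ''],             // type tampering
    ['item_id' => '42', 'quantity' => '3',   'note' => "bad\xC3\x28"],  // invalid UTF-8
];
foreach ($samples as $post) {
    try {
        $in = validate_boundary(POST_SPEC, $post);
        echo place_order((int) $in['quantity'], 10), "\n";
    } catch (UnexpectedValueException $e) {
        echo 'request refused: ', $e->getMessage(), "\n"; // log and stop; never repair the value
    }
}
```

The second sample is the case raised in the quoted question: it passes the boundary check because it is well-formed, and only the model decides that 900 is too many.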