On Friday, December 26, 2014 9:15:40 AM UTC-5, Mark Billion wrote: > > Just two questions for my edification: > 1. Why did HTTP get grouped into exceptions >
By making HTTP an exception, this allows both the framework and app code to short-circuit a given response at any point and immediately return something (e.g., you can raise an HTTP exception in a model, and it will return without executing the controller or view). > 2. Is there a security reason not to catch all non-http exceptions, ie > except EXCEPTION > I don't think it's necessarily a security issue. It's just that you usually don't want to catch all exceptions, particularly if your code isn't doing anything to actually inspect and handle the exception. You could end up introducing silent failures and subtle bugs. It could be OK to catch all exceptions if your "except" block then does something with the exception, such as executing special error handling code or re-raising particular exceptions. Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
