Dieter Maurer wrote:
Jamie Heilman wrote at 2003-4-16 12:53 -0700:
Personally I think REQUEST.get is a hallmark of horrible design anyway. Why do you think so?
It flattens namespaces that don't have the same characteristics. This tends to catch programmers off guard and introduce bugs. If you have an 8k header limit defined in your HTTP server along with a 1M POST limit and then you use REQUEST.get() to grab a cookie value without taking into account that it could be 1M in length before you go to process it, bad things can happen. "This is one of the instances where you should use the exact dictionary," you say. Well sure, but what do you do when you've got interfaces built around REQUEST.get() magic that don't let you choose? Case in point, a RAMCache's aggregateIndex function blindly REQUEST.get()'s a list of manager defined variables. If you aren't careful this has some really really shitty security implications. It also changes the trust characteristics of the variables. A key-value pair provided by the server that the request has no inate ability to change, normally trustworthy, is degraded by getting placed into the grab order of REQUEST.get(). That alone isn't a bug, its just places the onus on the programmer to have a complete understanding of the implications of namespace flattening. I think its fair to say this improves the odds of programmer error, and before you disagree with me I'd like to point out that the HTTPRequest code concedes, and unfortunately has made a half-assed attempt at protecting the programmer from this invalid assumption; it strips all the well known, traditionally CGI, variables right out of the form namespace. Personally, I call that a bug. So did peterb when he filed issue 546. In short, if you want a function to do variable aggregation, thats OK, but its my believe that function shouldn't be sold to the masses as the 99% solution to all their data gathering needs; it should be the exception rather than the rule, it should offer a flexible way to include, exclude, and re-order the lookup rules on the fly, and there should be no default order--the order should be a mandatory argument, thus forcing the programmer into thinking about which namespaces are truely pertinent. -- Jamie Heilman http://audible.transient.net/~jamie/ "I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's not for you." She was cheap, she was stupid and she wouldn't load -- well, not for me, anyway." -Holly