Re: [Maypole] 2.07 PR

From: Dave Howorth (dhoworth at mrc-lmb.cam.ac.uk)
Date: Wed Jan 19 2005 - 13:59:03 GMT


Tony Bowden wrote:
> On Tue, Jan 18, 2005 at 10:01:45PM +0000, Dave Howorth wrote:
>
>>Perhaps I'm being really dumb, but since we're talking about what
>>happens when the handler dies or cannot be loaded, I can't see the
>>relevance of the example.
>
>
> Erm, no we're not.

I apologize. I obviously haven't managed to explain myself very well so
I'll make another attempt. If it still isn't clear what I'm asking, I
suggest that we don't trim replies, so the whole context is present in
every message. That may help avoid some confusion.

> You said:
>
> : I think it would be sensible if programming errors like the uninstalled
> : module caused CGI::Untaint to die, whilst validation failures caused it
> : to return an error message. But they both used to make it die and they
> : both now make it return an error message.

I said it in reply to your response to a question I asked, and I am
still having difficulty understanding your answer. I think my question
is the key point in what I'm asking for:

| How does CGI::Untaint distinguish between a validation failure and a
| programming error (such as an uninstalled module)?

This needs to be taken in the context of your suggestion that validation
errors should cause the handler to die in order to return explicit error
messages (see below).

> You also said that the docs should have changed to reflect this.
>
> I disputed that validation failures used to make it die, and then gave an
> example to show that they didn't, and thus stated that the docs didn't
> need to change as the behaviour hadn't changed.

In an earlier message you said that in order to achieve the specific
error messages I originally asked for:

| In your is_valid() method for the handler, just die with that error.

So the whole subsequent discussion was in the context of handlers that
are specifically programmed to die in order to return an error message.
I agree that other handlers do not die when validation fails.

>>Our conversation started with you inviting suggestions and me offering
>>one which it seems you don't like, and that's entirely your prerogative.
>
>
> Your suggestion was for a way to pass errors back to the application, such
> as
> : The 'month' parameter ("21") to DateTime::new did not pass the
> : 'is between 1 and 12' callback
>
> I showed how you could already do that.
>
> Other than adding this to do the docs, I'm really not sure what you're
> asking for that I don't like.

I hope I have now managed to explain what I don't understand. Once
again, I'm sorry I haven't succeeded before.

To summarise, what I don't understand is how CGI::Untaint distinguishes
between a validation failure and a programming error (such as an
uninstalled module), in the scenario you suggested of making my handler
die to return a validation failure message?

Cheers, Dave

_______________________________________________
maypole mailing list
maypole at lists.netthink.co.uk
http://lists.netthink.co.uk/listinfo/maypole



This archive was generated by hypermail 2.1.3 : Thu Feb 24 2005 - 22:25:57 GMT