Loading ...
Sorry, an error occurred while loading the content.

156Re: [caplet] Re: ADsafe validation

Expand Messages
  • Kris Zyp
    Mar 20, 2008
    • 0 Attachment
      > I have reservations about extensive use of regular expressions for
      > validation.
      In the json.js case, I started thinking that a single
      > regexp should do
      the job. It has since grown to four, and was still
      > vulnerable to a
      screw-up in Firefox. RexExp doesn't have enough
      > context to make me
      confident.
       
      Yes, regular expression based validation does seem impropable. However, it seems like you could also make an argument that it easier to reason about and have confidence in a simple 5K chunk of code, than a 34K module. A large module has more room for human errors. Anyway, I understand your skepticism, but I don't want to dismiss this approach yet, based solely on feelings on uncertainty. So far the problems have been fixable.
       
      > In your case, I think you might have a problem with comment
      deletion.
      > Lacking context, the regexps can be confused.

      >
      /\/*\//.test( "*/");
      > /* // */
       
      Thanks, yes I did have a problem. Those should be fixed now.
       
      Kris
    • Show all 16 messages in this topic