by afiori 1031 days ago
It depends on what type of safety.

The schema language might for example allow you to specify that an input string/blob should be smaller than 10MB and refuse to deserialize it if it is longer, same for array/list/vector length.

2 comments

It feels like a check against an input size of 10MB is something you would do well before deserialization, no?
The limit might apply to some specific part of the message, rather than the whole. You can't check this without actually deserialising, or at least doing most of the same work.
Not if it is a message you receive from a third party.

A concrete example might be a batching third party client: the app sends N messages in a single batch and each message has its own size limit.

You would, but others might not. Defense in depth.
> ... allow you to specify that an input string/blob should be smaller than 10MB and refuse to deserialize it if it is longer ...

Why? Are there no cases where serializing an even larger file is valid?

Sure, a lot of cases; I suspect that S3 upload limits are different from imgur.
And feel free to do that in _your_ application. Don’t shackle others with the limitations of your domain.

Mechanism vs policy and all that.

I believe I have already justified why it might be useful at the protocol/schema level in ways that cannot be replicated at the application level: to eagerly fail on expensive (e.g. memory) deserialization.
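
The per-message limit inside a batch that the thread discusses, as an added example that is not part of any comment above: a decoder that checks each declared length against the schema limit before reading or allocating the payload. The wire format (u32 count, then u32 length plus payload per message), the limit values and all names are assumptions made for illustration.

```python
import io
import struct

class LimitExceeded(ValueError):
    """Declared size violates the schema limit; raised before the payload is read."""

def _read_exact(stream, n):
    data = stream.read(n)
    if len(data) != n:
        raise ValueError(f"truncated input: wanted {n} bytes, got {len(data)}")
    return data

def decode_batch(stream, max_messages, max_message_len):
    """Decode the assumed format: u32 count, then (u32 length, payload) per message.

    Every limit is compared with the value declared in the header, so an
    oversized part is rejected before any buffer for it is allocated.
    """
    (count,) = struct.unpack(">I", _read_exact(stream, 4))
    if count > max_messages:
        raise LimitExceeded(f"batch declares {count} messages, limit {max_messages}")
    messages = []
    for index in range(count):
        (length,) = struct.unpack(">I", _read_exact(stream, 4))
        if length > max_message_len:
            raise LimitExceeded(
                f"message {index} declares {length} bytes, limit {max_message_len}")
        messages.append(_read_exact(stream, length))
    return messages

def encode_batch(messages):
    """Build constructed sample input in the same assumed format."""
    out = struct.pack(">I", len(messages))
    for m in messages:
        out += struct.pack(">I", len(m)) + m
    return out

def try_decode(raw, max_messages=4, max_message_len=16):
    """Return (messages, bytes_consumed) on success, else (error_name, bytes_consumed)."""
    stream = io.BytesIO(raw)
    try:
        return decode_batch(stream, max_messages, max_message_len), stream.tell()
    except ValueError as exc:
        return type(exc).__name__, stream.tell()
```

The second value returned by `try_decode` shows how far the decoder got: a batch that is small overall but carries one over-limit message is rejected right after that message's length prefix, which a whole-input size check would not catch.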