by bryanlarsen
5003 days ago
Writing code in this style is perfectly safe if you do it correctly. GitHub didn't, so the defaults were changed to make it harder to do it incorrectly.

UPDATE: editing to reply since HN won't let me reply directly because the thread is too deep, yet I'm getting downvotes.

It's not a tautology. Some things are safe even if you do them wrong. Some things are unsafe no matter how you do them. Rails changed the defaults so that now you have to deliberately decide to do things unsafely. Rails before 3.2.3 fails unsafe in this scenario, but later versions fail safe. Rails 4 uses a different solution that's even harder to screw up.
That's a tautology.
In general you can't count on code being written "correctly", so this isn't a defense. It is better to have systems that degrade gracefully in the face of humans and their idiosyncrasies, rather than those that fail-unsafe, because you can't build your security system on the assumption that your code will be written by superhumans.
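The thread is about Rails mass assignment (the 2012 GitHub incident). As an added illustration, not code from the thread or from Rails itself, here is a plain-Ruby stand-in model showing the three defaults being argued about: the pre-3.2.3 behaviour where every column is assignable from request input (fails unsafe), the 3.2.3 whitelist default where an unlisted attribute is refused (fails safe), and a Rails 4 strong-parameters-style `permit` applied at the controller edge. The `User` model, `permit` helper and `REQUEST` hash are constructed for the example.

```ruby
# Stand-in for an ActiveRecord-style model that takes a hash of attributes
# straight from a request (mass assignment). Constructed illustration only.
class MassAssignmentError < StandardError; end

class User
  COLUMNS = %i[name email admin].freeze
  attr_reader :attributes

  # whitelist: nil   -> pre-3.2.3 default: every column is assignable
  # whitelist: [...] -> 3.2.3+ default: only listed attributes are assignable,
  #                     anything else is refused instead of silently written
  def initialize(params, whitelist: nil)
    @attributes = { name: nil, email: nil, admin: false }
    params.each do |key, value|
      key = key.to_sym
      next unless COLUMNS.include?(key)
      if whitelist && !whitelist.include?(key)
        raise MassAssignmentError, "attribute #{key} is not assignable"
      end
      @attributes[key] = value
    end
  end
end

# Strong-parameters style (Rails 4): the controller decides per request which
# keys may pass; unknown keys are dropped before the model ever sees them.
def permit(params, *allowed)
  params.select { |k, _| allowed.include?(k.to_sym) }
end

# Constructed request body: a signup form would never send "admin", but a
# client can add any key it likes.
REQUEST = { "name" => "alice", "email" => "alice@example.com", "admin" => true }.freeze

def unsafe_default
  User.new(REQUEST).attributes[:admin]                 # => true (fails unsafe)
end

def safe_default
  User.new(REQUEST, whitelist: %i[name email])         # raises: fails safe
  false
rescue MassAssignmentError
  true
end

def strong_parameters
  User.new(permit(REQUEST, :name, :email)).attributes[:admin]  # => false
end
```

The model code is identical in all three cases; only the default decides whether a forgotten whitelist silently grants the extra attribute or refuses it.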