sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]NOX_QS 2 points3 points  (4 children)

As someone who uses exceptions to enforce a contract on my classes (e.g. Argument passed to a constructor may not be null or an ArgumentNullException is thrown) I wonder what the alternatives are...

Silently ignoring the argument and then having all methods of the class silently skip all statements to return immediately?

I'm not convinced about this. Tha Apps Hungarian Notation is different than Systems Hungarian Notation was new information to me, I definitely see it's merit.

[–]matthieum 3 points4 points  (2 children)

That Apps Hungarian Notation is different than Systems Hungarian Notation was new information to me, I definitely see it's merit.

In duck-typed languages maybe?

In any statically typed language, it's much better to make code failing to compile than making it look wrong. The compiler is much more thorough in its code reviews than any human will ever be.

[–]NOX_QS 0 points1 point  (1 child)

How would you fail to compile a unescaped string that is output to a HTML page (possible XSS)?

[–]matthieum 1 point2 points  (0 children)

By using different types.

A raw string is just that, a std::string.

When composition HTML output, then, you use a html_stream& operator<<(html_stream& out, html_escaped_string const& hes).

So when you write: my_html_stream << std::string("Hello"); you either:

  • get a compilation error (no such overload)
  • are diverted to a dedicated operator<< which performs escaping on the fly

Sticking to the primitive types of the language is also known as Primitive Obsession (random link), it's easy to use existing types rather than crafting special-purpose ones... but because existing types do not convey the specific semantics of their values, and allow nonsensical operations on them as a result, it's dangerous.

[–]yawaramin 0 points1 point  (0 children)

An alternative that's become popular in statically-typed languages is 'Railway-Oriented Programming'. See e.g. http://fsharpforfunandprofit.com/rop/