You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now if the raw bytes parse correctly, the next step in most applications is to validate (sanitize) the data. This being an additional step is a risk (programmer may forget about validation) and waste of resources (protocol has to parse all fields before sanitation can run). It may also result in unnecessary allocations - let's say our protocol accepts Vec<_> and someone sends us 8GB of data. protocol will download, parse and allocate 8GB Vec, which will be rejected by the next instruction like if vec.len() > 64 { return; }.
I imagine code could look like this:
#[derive(Protocol)]pubstructUser{pubname:String,pubpub_key:[u8;64],}implUser{fnvalidate_name(name:String) -> bool{/* some code */}fnvalidate_pub_key(pub_key:[u8;64]) -> bool{/* some code */}}User::parse(// or `User::validate_from_raw_bytes`&data,&protocol::Settings::default()).unwrap();
Alternatively, protocol could generate trait, so we could have different ways of validating the same struct, and stateful validators:
Right now if the raw bytes parse correctly, the next step in most applications is to validate (sanitize) the data. This being an additional step is a risk (programmer may forget about validation) and waste of resources (
protocolhas to parse all fields before sanitation can run). It may also result in unnecessary allocations - let's say our protocol acceptsVec<_>and someone sends us 8GB of data.protocolwill download, parse and allocate 8GBVec, which will be rejected by the next instruction likeif vec.len() > 64 { return; }.I imagine code could look like this:
Alternatively,
protocolcould generate trait, so we could have different ways of validating the same struct, and stateful validators:The text was updated successfully, but these errors were encountered: