Development

Validation: black or white list

When you’re validating data – either client-side or server-side – there are basically two strategies you can choose between. You can either blacklist data or whitelist data. Blacklisting seems to be the most popular way to validate data, but whitelisting is so much better. Here’s a brief description of the two strategies and why whitelisting is better. The blacklisting strategy validates your input against a list of characters which are illegal in the input. You can either reject input containing the blacklisted characters or just remove them from the input.

Do Repeat Yourself

It seems most developers have listened too much to the principle of “don’t repeat yourself”, and so otherwise bright developers in some cases strive too hard to avoid repeating themselves and make a mess of their systems, but avoid repetition completely. If you’re a developer and read about DRY, do also remember the important step one: Think. I’m basically all for DRY. Endless repetition of the same lines of code is a pretty bad idea and should be avoided.

Don’t use Ajax blindly

GMail and other web applications have adopted a new technique coined Ajax (by Adaptive Path). It brings web applications a step away from the stateless web and closer to real applications. It’s harder to build applications with the technique, but it’s hot – and the most recent release of Rails (for Ruby) promises to make it much easier to build Ajax applications. Before you build too many Ajax applications, do think for a second. Tadalist is a great example which could have been so much better with less Ajax code. The application rocks in a browser – if you’re at a full computer where the browser knows about and fulfils the requirements posed by the Ajax technique.