@computionist @bascule For many, the benefits are somewhat abstract, until they get XSSed, whereas costs are real and immediate.
-
-
Replying to @mountain_ghosts
@jcoglan@computionist having a non-string type for untrusted data which makes you think about how you use it seems like a no brainer3 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@computionist I'd rather model types (what the string 'means') than 'untrustedness', but yeah.2 replies 0 retweets 0 likes -
Replying to @mountain_ghosts
@jcoglan@bascule@computionist using types for "modeling" rather than correctness is a common but sad mistake :(2 replies 0 retweets 0 likes -
Replying to @puffnfresh
@puffnfresh@bascule@computionist How do you even get correctness without modelling stuff?1 reply 0 retweets 0 likes -
Replying to @mountain_ghosts
@jcoglan@bascule@computionist I don't know but I think one is more important than the other.2 replies 0 retweets 0 likes -
Replying to @puffnfresh
@puffnfresh@bascule@computionist My mental model is you get correctness by modelling what you're doing and what it means.2 replies 0 retweets 0 likes -
Replying to @mountain_ghosts
@jcoglan@bascule@computionist I'm a functional programmer so I don't really know what modeling means :)2 replies 0 retweets 0 likes
@puffnfresh @jcoglan @computionist breaking down problems into types?
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.