I really dislike the trend that several Rust web frameworks are following of using annotations on functions to define routes. Being able to quickly see which routes are available on an application in one place is extremely useful, as is using a function for multiple routes
-
https://github.com/seanmonstar/warp/blob/1a484ca18797cdbb5e32bf7e7a0d6d7cffb2d12d/examples/todos.rs#L62-L99 … really needs to be way less verbose though. Haven't evaluated warp for security yet, but this makes me think it requires knowing to put "I want CSRF protection (token-based), I want same-origin checking, I want encrypted cookies/session rotation" everywher
-
-
Haha. Yeah, I think you have some flexibility in setting up a top-level filter and then applying it to sub-filters, so common things like authentication, protection, logging, etc. can be done once and then have filters appended to it over and over again. Right?...right.
-
I would hope "make my app secure against common, well known attacks" is there by default (obv token based CSRF protection is hard to do if you have no opinion on form generation which is why I'm still waiting for a Rails instead of a Sinatra)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.