Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate user-supplied parameters #7

Open
jasonaowen opened this issue Oct 27, 2020 · 1 comment
Open

Validate user-supplied parameters #7

jasonaowen opened this issue Oct 27, 2020 · 1 comment

Comments

@jasonaowen
Copy link
Contributor

We want developers who use this SDK to have a good experience. In particular, we should have clear errors for problems we can detect as soon as possible: we should validate the parameters coming in from outside this codebase. This includes validating the types that we receive, because while we're writing TypeScript, users can call our SDK from JavaScript, which would not require that types match.

We're using Joi in upload-service, and it seems to meet our needs well there. Let's try using it here!

Note that I don't believe this to be a security issue; this SDK merely makes it easier to make network requests to the Permanent.org API, and does not inherently have any special privilege. Malicious users could make malformed requests directly rather than use the SDK. Parameter validation is more about helping our users use the SDK correctly and surfacing problems more quickly and clearly.

This came out of a discussion on a pull request.
@jasonaowen jasonaowen mentioned this issue Oct 27, 2020
Merged
@andrewatwood
Copy link
Contributor

Great suggestion! Will tee this up.

@jasonaowen jasonaowen mentioned this issue Nov 5, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jasonaowen @andrewatwood