Re: RFC: PerForm updates

Wed, 12 Feb 2003 10:24:04 -0800

Schematron is an XSLT based schema language that's intended purely for validation, it would be ideal to do server-side checks without reinventing the wheel, plus the XML geeks I respect (e.g. SStL, Uche) like it too. IMHO XForms reinvents the wheel because it's intended to be client-side, but I don't think XForms is really going to fly on the client side (I mean, even XHTML is kind of going nowhere).

simon

On Wednesday, February 12, 2003, at 12:39 PM, Tod Harter wrote:

As for the way they deal with object model binding and such, I'm not really
sure that it makes a lot of sense. My experience, which parlty comes out of
being on the OWASP input filtering project, was that a seperate XSP taglib
that lets you specify 'assertions' about input is better. I have a simple one
(pitifully simple, but I'd be happy to have some people comment on it) which
does this. So for input validation you just have XSP tags like

<assert:numeric><param:mynumberonlyfield/></assert:numeric>

which returns either its input, or throws an assertion error. Other tags do
similar things, and you can easily build tags that do transforms as well
(thus I have one that strips tags from input, etc.).

---
www.simonwoodside.com

<http://ThisURLEnablesEmailToGetThroughOverzealousSpamFilters.org>


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to