https://lgtm.com/blog/apache_struts_CVE-2017-9805

There seem to be many similar examples these days of developers failing to validate remote input.

Anyone who's programmed in Perl will know about taint mode, designed to help programmers validate remotely entered data on web servers.

Of course there may be programmers who don't want to validate their data, and we don't want to upset them, just the same as they should not be attempting to prevent those who want to validate input from doing so.

So to that end, when I reimplemented deserialization to enable atomic input validation, I made sure that objects' serial form didn't need to change, and that those who didn't want to use it didn't have to. In other words, everyone gets to do what they want; I'm not favouring the security conscious, nor those who don't like security, just letting both camps do as they wish.

I think this is a good way forward for other technologies that have traditionally been controversial for River: enable support, but don't make it mandatory, so those who don't use it aren't forced to, and we don't get them offside.

Cheers,

Peter.

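The opt-in idea in the post, sketched as an added example with the standard JDK `ObjectInputFilter` (Java 9 or later): the same serialized bytes are read once by a plain `ObjectInputStream` and once through an allow-list filter, without touching the sample class's serial form. This is not River's code nor the reimplementation Peter describes; the `Greeting` class, the allow-list and the resource caps are assumptions constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.Date;
import java.util.Set;

/** Added demo (assumption, not River code): one serial form, validation optional. */
public class OptInDeserialization {

    // Constructed sample type; its serial form is the default one and is never altered.
    public static final class Greeting implements Serializable {
        private static final long serialVersionUID = 1L;
        final String text;
        Greeting(String text) { this.text = text; }
        @Override public String toString() { return "Greeting(" + text + ")"; }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    // The "don't want validation" camp: plain ObjectInputStream, behaviour unchanged.
    static Object readUnchecked(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            return ois.readObject();
        }
    }

    // The "want validation" camp: identical bytes, but a filter is consulted for every class
    // descriptor (plus array/graph limits) before that class is resolved or any instance is
    // built, so a rejected class never gets to run its readObject/readResolve.
    static Object readChecked(byte[] bytes, Set<Class<?>> allowed)
            throws IOException, ClassNotFoundException {
        ObjectInputFilter allowList = info -> {
            // Crude resource-exhaustion caps (assumed values for the demo).
            if (info.depth() > 8 || info.arrayLength() > 1_000 || info.references() > 1_000) {
                return ObjectInputFilter.Status.REJECTED;
            }
            Class<?> c = info.serialClass();
            if (c == null) {
                return ObjectInputFilter.Status.UNDECIDED;   // callback is not about a class
            }
            while (c.isArray()) {
                c = c.getComponentType();                    // judge arrays by element type
            }
            if (c.isPrimitive() || allowed.contains(c)) {
                return ObjectInputFilter.Status.ALLOWED;
            }
            return ObjectInputFilter.Status.REJECTED;        // anything unexpected, gadgets included
        };
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(allowList);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Set<Class<?>> allowed = Set.of(Greeting.class, String.class);

        byte[] ok = serialize(new Greeting("hello"));
        System.out.println("unchecked: " + readUnchecked(ok));
        System.out.println("checked:   " + readChecked(ok, allowed));

        // Date stands in for any class the receiver did not expect: the unchecked reader
        // instantiates it, the checked reader refuses before construction.
        byte[] unexpected = serialize(new Date(0));
        System.out.println("unchecked: " + readUnchecked(unexpected));
        try {
            readChecked(unexpected, allowed);
        } catch (InvalidClassException e) {
            System.out.println("checked:   rejected (" + e.getMessage() + ")");
        }
    }
}
```

Compile and run with `javac OptInDeserialization.java && java OptInDeserialization`. One caveat: the JDK filter is a per-class gate evaluated as the stream is read, so objects that precede a rejected class have already been constructed by the time the exception fires; that is weaker than validating the whole graph atomically before any object exists, which is the distinction the post is drawing. The camp that wants nothing to change simply never sets a filter, and operators who want a process-wide default can set one with the `jdk.serialFilter` system property without recompiling anything.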