type safe execution of route functions #54
Labels
FR enhancement
New feature or request regarding a functional reqirement
medium priority
well be done at some point
Comments
JulianFP
added
FR enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Many routes process user provided data in the form of query strings, json form data or similar. These routes require the presence of certain variables of the correct datatype in this data. While we often make sure to check if for example certain keys exist in the json object, we do this a bit inconsistently and also don't really check the data types. The runtime errors that come from this (e.g. pythons KeyError) are often captured by flask which then just returns a generic server error to the client, but this is not always the case.
To make the backend more reliably and to make it impossible for users to trivially DOS the backend by just sending invalid requests we should check if all properties that routes expect requests to have are met before even executing any route-specific code. This would also make it a lot easier to write/maintain this code since it would no longer be necessary to implement these imperative checks for each route again and again.
The text was updated successfully, but these errors were encountered: