add to 'banning strings chapters' - Githubissues

DinisCruz / Book_Software_Quality

Content for 'Measuring Software Quality using Application Security' book published at LeanPub

Apache License 2.0

38 stars 14 forks source link

add to 'banning strings chapters' #194

Open DinisCruz opened 7 years ago

DinisCruz commented 7 years ago

To add to Not using strings.

https://twitter.com/josselinauguste/status/781799876216647680
- String is not a type
- Strings are not strongly typed
- "strings are a serialization platform" , Josselin Auguste
Strings should be called blobs
"Wrap all primitives and strings" - see https://github.com/DinisCruz/Book_Software_Quality/issues/193

Banning Strings

explain why strings needs to be banned
strongly type classes are what we needs
reference John W post to OWASP leaders (and research on this topic)
- http://appsandsecurity.blogspot.co.uk/2013/05/should-string-be-abstract-class.html