Closed forwardever closed 10 years ago
Thanks for your feedback, @forwardever! Help me understand a little better.
What would preprocess do that is different from validation? Where do we draw the line between those two concepts? And also, are there enough standard, common, pre-processing operations that it would merit its own martini-contrib middleware? (At the moment, if this were to be made, I don't think it should be built into the binding package.)
For the use cases you've mentioned, though definitely valid, I'd just write my own middleware or simply have my validation step doing them... they're one- or two-liners.
it seems that the validator already gets a populated struct
so it might be to late to filter parameters there
lets say a user submits a price, but enters a white space (unintentionally or not), parsing might fail if you require a floating-point number (of course, client side validation is also an option)
You wrote: "For the use cases you've mentioned, though definitely valid, I'd just write my own middleware" It might make sense to create a separate middleware, but this also might make sense for validation.
So I think while creating a separate middleware might make sense, getting parameter processing in a central place also has advantages.
I'm new to golang and martini and just writing kind of a prototype to evaluate my options, so not sure if I got everything right.
That might be a great middleware for your project. I'm just not sure it belongs in this package. I do believe sanitizing user input is different from validating it. I, for one, would have my client app sanitize data before sending it -- things like trimming whitespace and leading zeroes -- basic formatting.
If it's alright, I'm going to close the issue -- thanks for helping me understand it! I definitely think that sanitizing input needs to happen somewhere, though.
allow preprocessing of params (before validation) via e.g. Preprocess (binding.Preprocess)
use cases: remove leading zeros remove spaces
before putting data into a struct before validating data
Preprocess might receive req.Form use "Set(key, value string)" to modify value
not sure whether to make a copy of req.Form or just modify it