[
Lists Home |
Date Index |
Thread Index
]
On 20 Feb 2002, at 14:11, Dare Obasanjo wrote:
> Most people I know writing web applications are smart enough to know not
> to write them in C or C++.
There are an awful lot of componants ((D)COM(+) as an example) writted in
C++. Not to mention the fact that lots of server/middleware/database
products are written in C/++.
> Most web applications are written in Java,
> ASP (VBScript/Jscript), and Perl. None of which I've seen have a problem
> with buffer overflows.
Not in and of themselves. But scripting languages do tend to use things on
the server that do have problems with buffer overflows. When's the last time
you saw a web application implemented wholly in VBScript without the use
of COM/DNA/CS2K/etc?
> It's one thing to be against clients remotely executing code on a server
> and another to scapegoat SOAP in an ill-conceived attempt to garner
> negative press towards a misunderstood technology.
I think you've just proven one of Paul's points - REST, as implemented by
passing URIs around is more widely understood than SOAP. Why add
YALayer with all of it retooling requirements into the mix? Why not build on
what we already have - and what's already proven to be wildly successful?
SOAP is cool, don't get me wrong. I just don't see the need to add that
much more complexity to what boils down to essentially PUT-GET-POST-
DELETE.
> After all, buffer overflows are possible in all web applications written
> in unsafe languages. Whether they use SOAP or not is inconsequential.
True. Bugs increase with complexity. Reduce the complexity.
----------------------------------------------------
Sign Up for NetZero Platinum Today
Only $9.95 per month!
http://my.netzero.net/s/signup?r=platinum&refcd=PT97
|