XML Editor - Download a Free Trial >
See What's New >
Buy Now >

[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: SOAP-RPC and REST and security

asp vbscript return receipt
Play the video
On 20 Feb 2002, at 14:11, Dare Obasanjo wrote:

> Most people I know writing web applications are smart enough to know not
> to write them in C or C++. 

There are an awful lot of componants ((D)COM(+) as an example) writted in 
C++.  Not to mention the fact that lots of server/middleware/database 
products are written in C/++.

> Most web applications are written in Java,
> ASP (VBScript/Jscript), and Perl. None of which I've seen have a problem
> with buffer overflows. 

Not in and of themselves.  But scripting languages do tend to use things on 
the server that do have problems with buffer overflows.  When's the last time 
you saw a web application implemented wholly in VBScript without the use 
of COM/DNA/CS2K/etc?

> It's one thing to be against clients remotely executing code on a server
> and another to scapegoat SOAP in an ill-conceived attempt to garner
> negative press towards a misunderstood technology. 

I think you've just proven one of Paul's points - REST, as implemented by 
passing URIs around is more widely understood than SOAP.  Why add 
YALayer with all of it retooling requirements into the mix?  Why not build on 
what we already have - and what's already proven to be wildly successful?

SOAP is cool, don't get me wrong.  I just don't see the need to add that 
much more complexity to what boils down to essentially PUT-GET-POST-
DELETE.

> After all, buffer overflows are possible in all web applications written
> in unsafe languages. Whether they use SOAP or not is inconsequential. 

True.  Bugs increase with complexity.  Reduce the complexity.
----------------------------------------------------
Sign Up for NetZero Platinum Today
Only $9.95 per month!
http://my.netzero.net/s/signup?r=platinum&refcd=PT97

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

XML Editor - Download a 15 Day Free Trial Now >
See What's New in Stylus Studio >
Buy Stylus Studio - XML Editor - Now >
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.