undefined | Better HN

0 pointsbruce3434341y ago0 comments

Solve problems you have, not ones you invent

0 comments

Html, Json, SQL are the very basics which most web apps will run into. You don't have to invent anything to get more than one possible output format.

bruce343434OP1y ago

For SQL you already have the language provided sanitation of prepared statements. For most backends, the output format is always json, which ends up on the frontend via dedicated browser APIs that don't allow html injection.

Maybe if you also directly render some html from the backend, that would change things.

Document these assumptions in your central code standards/architecture document to get everyone aligned, and then just stick to it and enjoy a more sane codebase.

viraptor1y ago

So what you're proposing is encode to html on input, to sql on output, passthrough to html, and encode to Json on output but after decoding from the saved html - and just document it well?

2 more replies

j / k navigate · click thread line to collapse

0 comments

viraptor1y ago

Html, Json, SQL are the very basics which most web apps will run into. You don't have to invent anything to get more than one possible output format.

bruce343434OP1y ago

Maybe if you also directly render some html from the backend, that would change things.

Document these assumptions in your central code standards/architecture document to get everyone aligned, and then just stick to it and enjoy a more sane codebase.

viraptor1y ago

So what you're proposing is encode to html on input, to sql on output, passthrough to html, and encode to Json on output but after decoding from the saved html - and just document it well?

2 more replies

j / k navigate · click thread line to collapse