thojanssens1

thojanssens1

Let it crash or not?

In some situations I’m not sure whether it’s better to let it crash or not. I can identify three main types of errors:

  1. Programmer error => let it crash
  2. User error (invalid form input) => handle the error through changeset validators and display an error message for user to correct
  3. Programmer error OR abnormal/malicious user input => ?

For the latter I’m not sure how to handle these errors. Say a form that contains a <select> element, allowing you to specify a relation; e.g. a user fills a doctor’s appointment details, and he has to select one of the possible doctor’s offices. These office IDs can’t be changed by a normal user as the <select> offers a limited set of options, but some malicious user could go into Developer Tools and change the <option> value, which will result into a DB foreign key contraint error.

For these cases, where an error might be the programmer’s fault, but also might be the user causing it (we should remember this is external untrusted data), what is best to be done?

Should I systematically use Ecto foreign_key_constraint/3 to avoid crashing the process? If so, what would you display to the user?
The disadvantage with this is that if it actually was a bug, I will miss that bug (no error log).

Should I just let it crash? Crashing has some overhead though, e.g. we want to log it. Now imagine a malicious user sending thousands of requests quickly triggering these errors. As this error is related to external data, is it really wise to let it crash? Most oftenly will be a programmer error, but what if it’s not.

Most Liked

thiagomajesk

thiagomajesk

For your specific example, I would the following:

Render only the possible valid options in the form and…

If the invalid state is most likely to happen (for whatever reason), I’d check if the user can in fact do this operation in the context and avoid the constraint error altogether by deflecting the operation to another flow.

However, If it’s something a little unpredictable (or I don’t want to enforce through workflow), I’d just “let it crash” and then treat the specific constraint error when the exception happens by redirecting the user back to the form and showing a nice message explaining the reason (this can easily be achieved using changesets).

The whole point of just letting things crash is to avoid too much defensive programming when you have more unknowns in the workflow that can lead to bad software state. I’d argue that you could avoid the bad state altogether by controlling the program flow or letting it crash (if you don’t know exactly what or how to handle the state), but this always depends on other factors like the software architecture and the workflow.

If you are using SPA, you might want to do validations in Javascript to avoid hitting the server.
If you have a REST API that is consumed by an integration, you might want to validate the inputs before actually doing something to avoid heavy lifting.
If you only have a form posting to an endpoint that goes to a context and calls a changeset, it might be light enough to process all the validations and return to the user.

IMHO, the amount of “defensive programming” you’ll apply drastically depends on constraints other than the one you are working with at the moment.

hauleth

hauleth

It depends, but in general malicious user is still user, so this gives you to which bucket such errors should go.

Where Next?

Popular in Questions Top

vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
hariharasudhan94
lets say i have a sample like a = 20; b = 10; if (a &gt; b) do {:ok, "a"} end if (a &lt; b) do {:ok, b} end if (a == b) do {:ok, "equa...
New
9mm
I am constructing a JSON object (map) and I need to conditionally set a field. I’m trying to write proper elixir-way code… and I’m at a l...
New
JulienCorb
I am trying to implement my new.html.eex file to create new posts on my website. new.html.eex: &lt;h1&gt;Create Post&lt;/h1&gt; &lt;%= ...
New
Lily
In templates/appointment/index.html.eex: &lt;%= for appointment &lt;- @appointments do %&gt; &lt;tr&gt; &lt;td&gt;&lt;%= appoi...
New
alice
Hey, Just curious what are the main benefits of Elixir compared to Clojure? When is Elixir more useful than Clojure and vice versa? Th...
New
SoCreat
i’m a new one to elixir which editor can i use vs code? or atom? Thanks! :smiley:
New
dotdotdotPaul
Okay, I’m having a heck of a time trying to figure out how to best handle the validation of belongs_to associations in Ecto. I’m sure I’...
New
jaysoifer
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)? Would mix ecto.rollback -v 200809061...
New
dokuzbir
I want to highlight html closing tags when i click a html tag. That works in .html files but doesnt work for html.eex templates. How can...
New

Other popular topics Top

sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
Nvim
Anybody knows a comprehensive comparison of Django and Phoenix, thanks for the help. Where are they similar? Where do they differ the m...
New
Patoshizzle
After calling mix ecto.create I get this error: 17:00:32.162 [error] GenServer #PID&lt;0.412.0&gt; terminating ** (Postgrex.Error) FATAL...
New
shahryarjb
Hello, I have map which I want to convert it to string like this: the map: %{last_name: "tavakkoli", name: "shahryar"} the string I ne...
New
chrismccord
Phoenix 1.4.0 released Phoenix 1.4 is out! This release ships with exciting new features, most notably with HTTP2 support, improved deve...
688 31194 112
New
pmjoe
I have a relationship of love and hate with Elixir. Lots of things are just absolutely right, but there are some things that are kind of ...
New
fireproofsocks
Forgive me if this is obvious, but how does one delete a database record WITHOUT selecting it first? Ecto.Repo — Ecto v3.14.0 has exampl...
New
jay1
Why is it that the mnesia database isn’t the most preferred database for use in Elixir/Phoenix?
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
SoCreat
i’m a new one to elixir which editor can i use vs code? or atom? Thanks! :smiley:
New

We're in Beta

About us Mission Statement