Joel Spolsky has written an article called Making Wrong Code Look Wrong where he posits the claim that Hungarian notation (more precisely, Apps Hungarian) is still useful in modern day programming. Joel is wrong.
Joel uses the example of HTML Encoding user input when writing output to a web page to prevent cross-site scripting attacks. Basically, he states that every encoded string should have an 's' prefix while unencoded strings should have a 'us' prefix. What he is doing is encoding type by convention, rather than using the power of a statically typed language to find the errors for him. What Joel needs is a SafeString class:
class SafeString {
private string _text;
}and this SafeString should have an implicit conversion to and from String:
public static implicit operator SafeString(string s) {
return new SafeString(s);
}
public static implicit operator String(SafeString s) {
return s._text;
}
and a way of adding already encoded strings into a SafeString: public SafeString(string text, bool encoded) {
if(encoded) {
_text=text;
} else {
_text=HttpUtility.HtmlEncode(text);
}
}
As a simple test, I wrote a Console App to exercise this class: static void Main(string[] args) {
SafeString name=args[0];
SafeString prefix=new SafeString("Your <B>name</B> is:", true);
prefix+=name;
Console.WriteLine(prefix);
}
Let's run this to see what we get:
rbirkby@tm-linux:~/svn/Experimental/SafeString $ mono safestring.exe 'Richard'
Your <B>name</B> is:Richard
rbirkby@tm-linux:~/svn/Experimental/SafeString $ mono safestring.exe 'Richard<SCRIPT>alert(“xss“)</SCRIPT>'
Your <B>name</B> is:Richard<script>alert(“xss“)</script>
Lo and behold, we have a solution without Hungarian and in fact does it better than any coding convention could. If we wanted, we could create a new Response.Write() statement which only accepts a SafeString. In which case, the compiler is statically checking that we have correctly encoded all strings. The full code is:
using System;
using System.Web;
class SafeString {
private string _text;
public SafeString(string text, bool encoded) {
if(encoded) {
_text=text;
} else {
_text=HttpUtility.HtmlEncode(text);
}
}
public SafeString(string text) : this(text, false) {}
public static implicit operator SafeString(string s) {
return new SafeString(s);
}
public static implicit operator String(SafeString s) {
return s._text;
}
public static SafeString operator +(SafeString s1,SafeString s2) {
s1._text += s2._text;
return s1;
}
}
class Test {
static void Main(string[] args) {
SafeString name=args[0];
SafeString prefix=new SafeString("Your <B>name</B> is:", true);
prefix+=name;
Console.WriteLine(prefix);
}
}