This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2021-08-05
Instead of making parsing more performant (which is certainly a good thing) one can treat payload size and request frequency as separate problems and simply reject stuff that goes above a certain threshold respectively. In common, simple cases it’s enough to have sensible heuristics for each of those. At scale one likely needs statistical models. In other words, spec is concerned with analysing stuff that’s already read (parsed), so I would assume you put those kinds of checks before it.
I talked a bit with a googler who was working on systems that detect anomalous request patterns on the edges a couple of years ago, was quite fascinating.
If a stranger keeps loudly knocking on your door with a big hammer, you don’t ask for their credentials, just call the police.
OTOH rolling out an ML-powered infrastructure sec thingy sounds like a 10x harder problem. Still one worth solving though.
(let [s (s/cat :cat? (s/? (s/cat :int int?)))]
  (s/unform s (s/conform s [1])))
=> ((1))
should be (1)
I think it’s this issue: https://clojure.atlassian.net/browse/CLJ-2003