Should you expect unexpected values from external APIs?
Lets say you are coding a function that takes input from an external API MyAPI.
That external API MyAPI has a contract that states it will return a string or a number.
Is it recommended to guard against things like null, undefined, boolean, etc. even though it's not part of the API of MyAPI? In particular, since you have no control over that API you cannot make the guarantee through something like static type analysis so it's better to be safe than sorry?
I'm thinking in relation to the Robustness Principle.
design api api-design web-services functions
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
|
show 1 more comment
Lets say you are coding a function that takes input from an external API MyAPI.
That external API MyAPI has a contract that states it will return a string or a number.
Is it recommended to guard against things like null, undefined, boolean, etc. even though it's not part of the API of MyAPI? In particular, since you have no control over that API you cannot make the guarantee through something like static type analysis so it's better to be safe than sorry?
I'm thinking in relation to the Robustness Principle.
design api api-design web-services functions
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
4
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
4
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago
|
show 1 more comment
Lets say you are coding a function that takes input from an external API MyAPI.
That external API MyAPI has a contract that states it will return a string or a number.
Is it recommended to guard against things like null, undefined, boolean, etc. even though it's not part of the API of MyAPI? In particular, since you have no control over that API you cannot make the guarantee through something like static type analysis so it's better to be safe than sorry?
I'm thinking in relation to the Robustness Principle.
design api api-design web-services functions
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
Lets say you are coding a function that takes input from an external API MyAPI.
That external API MyAPI has a contract that states it will return a string or a number.
Is it recommended to guard against things like null, undefined, boolean, etc. even though it's not part of the API of MyAPI? In particular, since you have no control over that API you cannot make the guarantee through something like static type analysis so it's better to be safe than sorry?
I'm thinking in relation to the Robustness Principle.
design api api-design web-services functions
design api api-design web-services functions
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
asked 3 hours ago
Adam ThompsonAdam Thompson
25517
25517
4
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
4
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago
|
show 1 more comment
4
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
4
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago
4
4
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
4
4
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago
|
show 1 more comment
5 Answers
5
active
oldest
votes
You should never trust the inputs to your software, regardless of source. Not only validating the types is important, but also ranges of input and the business logic as well.
Failing to do so will at best leave you with garbage data that you have to later clean up, but at worst you'll leave an opportunity for malicious exploits if that upstream service gets compromised in some fashion (q.v. the Target hack). The range of problems in between includes getting your application in an unrecoverable state.
answered 3 hours ago
PaulPaul
2,347914
2
What is q.v. stand for ?
– JonH
42 mins ago
add a comment |
Yes, of course. But what makes you think the answer could be different?
You surely don't want to let your program behave in some unpredictable manner in case the API does not return what the contract says, don't you? So at least you have to deal with such a behaviour somehow. A minimal form of error handling is always worth the (very minimal!) effort, and there is absolutely no excuse for not implementing something like this.
However, how much effort you should invest to deal with such a case is heavily case dependent and can only be answered in context of your system. Often, a short log entry and letting the application end gracefully can be enough. Sometimes, you will be better off to implement some detailed exception handling, dealing with different forms of "wrong" return values, and maybe have to implement some fallback strategy.
But it makes a hell of a difference if you are writing just some inhouse spreadsheet formatting application, to be used by less than 10 people and where the financial impact of an application crash is quite low, or if you are creating a new autonomous car driving system, where an application crash may cost lives.
So there is no shortcut against reflecting about what you are doing, using your common sense is always mandatory.
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
add a comment |
The Robustness Principle--specifically, the "be liberal in what you accept" half of it--is a very bad idea in software. It was originally developed in the context of hardware,
where physical constraints make engineering tolerances very important, but in software, when someone sends you malformed or otherwise improper input, you have two choices. You can either reject it, (preferably with an explanation as to what went wrong,) or you can try to figure out what it was supposed to mean.
Never, never, never choose that second option unless you have resources equivalent to Google's Search team to throw at your project, because that's what it takes to come up with a computer program that does anything close to a decent job at that particular problem domain. (And even then, Google's suggestions feel like they're coming straight out of left field about half the time.) If you try to do so, what you'll end up with is a massive headache where your program will frequently try to interpret bad input as X, when what the sender really meant was Y.
This is bad for two reasons. The obvious one is because then you have bad data in your system. The less obvious one is that in many cases, neither you nor the sender will realize that anything went wrong until much later down the road when something blows up in your face, and then suddenly you have a big, expensive mess to fix and no idea what went wrong because the noticeable effect is so far removed from the root cause.
This is why the Fail Fast principle exists; save everyone involved the headache by applying it to your APIs.
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
add a comment |
Let's compare the two scenarios and try to come to a conclusion.
Scenario 1
Our application assumes the external API will behave as per the agreement.
Scenario 2
Our application assumes the external API can misbehave, hence add precautions.
In general, there is a chance for any API or software to violate the agreements; may be due to a bug or unexpected conditions. Even an API might be having issues in the internal systems resulting in unexpected results.
If our program is written assuming the external API will adhere to the agreements and avoid adding any precautions; who will be the party facing the issues? It will be us, the ones who has written integration code.
For example, the null values that you have picked. Say, as per the API agreement the response should have not-null values; but if it is suddenly violated our program will result in NPEs.
So, I believe it will be better to make sure your application has some additional code to address unexpected scenarios.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
You should always validate incoming data -- user-entered or otherwise -- so you should have a process in place to handle when the data retrieved from this external API is invalid.
Generally speaking, any seam where extra-orgranizational systems meet should require authentication, authorization (if not defined simply by authentication), and validation.
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "131"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsoftwareengineering.stackexchange.com%2fquestions%2f385497%2fshould-you-expect-unexpected-values-from-external-apis%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
You should never trust the inputs to your software, regardless of source. Not only validating the types is important, but also ranges of input and the business logic as well.
Failing to do so will at best leave you with garbage data that you have to later clean up, but at worst you'll leave an opportunity for malicious exploits if that upstream service gets compromised in some fashion (q.v. the Target hack). The range of problems in between includes getting your application in an unrecoverable state.
answered 3 hours ago
PaulPaul
2,347914
2
What is q.v. stand for ?
– JonH
42 mins ago
add a comment |
You should never trust the inputs to your software, regardless of source. Not only validating the types is important, but also ranges of input and the business logic as well.
Failing to do so will at best leave you with garbage data that you have to later clean up, but at worst you'll leave an opportunity for malicious exploits if that upstream service gets compromised in some fashion (q.v. the Target hack). The range of problems in between includes getting your application in an unrecoverable state.
answered 3 hours ago
PaulPaul
2,347914
2
What is q.v. stand for ?
– JonH
42 mins ago
add a comment |
You should never trust the inputs to your software, regardless of source. Not only validating the types is important, but also ranges of input and the business logic as well.
Failing to do so will at best leave you with garbage data that you have to later clean up, but at worst you'll leave an opportunity for malicious exploits if that upstream service gets compromised in some fashion (q.v. the Target hack). The range of problems in between includes getting your application in an unrecoverable state.
answered 3 hours ago
PaulPaul
2,347914
You should never trust the inputs to your software, regardless of source. Not only validating the types is important, but also ranges of input and the business logic as well.
Failing to do so will at best leave you with garbage data that you have to later clean up, but at worst you'll leave an opportunity for malicious exploits if that upstream service gets compromised in some fashion (q.v. the Target hack). The range of problems in between includes getting your application in an unrecoverable state.
answered 3 hours ago
PaulPaul
2,347914
answered 3 hours ago
PaulPaul
2,347914
answered 3 hours ago
PaulPaul
2,347914
answered 3 hours ago
PaulPaul
2,347914
2,347914
2
What is q.v. stand for ?
– JonH
42 mins ago
add a comment |
2
What is q.v. stand for ?
– JonH
42 mins ago
2
2
What is q.v. stand for ?
– JonH
42 mins ago
What is q.v. stand for ?
– JonH
42 mins ago
add a comment |
Yes, of course. But what makes you think the answer could be different?
You surely don't want to let your program behave in some unpredictable manner in case the API does not return what the contract says, don't you? So at least you have to deal with such a behaviour somehow. A minimal form of error handling is always worth the (very minimal!) effort, and there is absolutely no excuse for not implementing something like this.
However, how much effort you should invest to deal with such a case is heavily case dependent and can only be answered in context of your system. Often, a short log entry and letting the application end gracefully can be enough. Sometimes, you will be better off to implement some detailed exception handling, dealing with different forms of "wrong" return values, and maybe have to implement some fallback strategy.
But it makes a hell of a difference if you are writing just some inhouse spreadsheet formatting application, to be used by less than 10 people and where the financial impact of an application crash is quite low, or if you are creating a new autonomous car driving system, where an application crash may cost lives.
So there is no shortcut against reflecting about what you are doing, using your common sense is always mandatory.
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
add a comment |
Yes, of course. But what makes you think the answer could be different?
You surely don't want to let your program behave in some unpredictable manner in case the API does not return what the contract says, don't you? So at least you have to deal with such a behaviour somehow. A minimal form of error handling is always worth the (very minimal!) effort, and there is absolutely no excuse for not implementing something like this.
However, how much effort you should invest to deal with such a case is heavily case dependent and can only be answered in context of your system. Often, a short log entry and letting the application end gracefully can be enough. Sometimes, you will be better off to implement some detailed exception handling, dealing with different forms of "wrong" return values, and maybe have to implement some fallback strategy.
But it makes a hell of a difference if you are writing just some inhouse spreadsheet formatting application, to be used by less than 10 people and where the financial impact of an application crash is quite low, or if you are creating a new autonomous car driving system, where an application crash may cost lives.
So there is no shortcut against reflecting about what you are doing, using your common sense is always mandatory.
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
add a comment |
Yes, of course. But what makes you think the answer could be different?
You surely don't want to let your program behave in some unpredictable manner in case the API does not return what the contract says, don't you? So at least you have to deal with such a behaviour somehow. A minimal form of error handling is always worth the (very minimal!) effort, and there is absolutely no excuse for not implementing something like this.
However, how much effort you should invest to deal with such a case is heavily case dependent and can only be answered in context of your system. Often, a short log entry and letting the application end gracefully can be enough. Sometimes, you will be better off to implement some detailed exception handling, dealing with different forms of "wrong" return values, and maybe have to implement some fallback strategy.
But it makes a hell of a difference if you are writing just some inhouse spreadsheet formatting application, to be used by less than 10 people and where the financial impact of an application crash is quite low, or if you are creating a new autonomous car driving system, where an application crash may cost lives.
So there is no shortcut against reflecting about what you are doing, using your common sense is always mandatory.
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
Yes, of course. But what makes you think the answer could be different?
You surely don't want to let your program behave in some unpredictable manner in case the API does not return what the contract says, don't you? So at least you have to deal with such a behaviour somehow. A minimal form of error handling is always worth the (very minimal!) effort, and there is absolutely no excuse for not implementing something like this.
However, how much effort you should invest to deal with such a case is heavily case dependent and can only be answered in context of your system. Often, a short log entry and letting the application end gracefully can be enough. Sometimes, you will be better off to implement some detailed exception handling, dealing with different forms of "wrong" return values, and maybe have to implement some fallback strategy.
But it makes a hell of a difference if you are writing just some inhouse spreadsheet formatting application, to be used by less than 10 people and where the financial impact of an application crash is quite low, or if you are creating a new autonomous car driving system, where an application crash may cost lives.
So there is no shortcut against reflecting about what you are doing, using your common sense is always mandatory.
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
edited 2 hours ago
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
answered 2 hours ago
Doc BrownDoc Brown
131k23240379
131k23240379
add a comment |
add a comment |
The Robustness Principle--specifically, the "be liberal in what you accept" half of it--is a very bad idea in software. It was originally developed in the context of hardware,
where physical constraints make engineering tolerances very important, but in software, when someone sends you malformed or otherwise improper input, you have two choices. You can either reject it, (preferably with an explanation as to what went wrong,) or you can try to figure out what it was supposed to mean.
Never, never, never choose that second option unless you have resources equivalent to Google's Search team to throw at your project, because that's what it takes to come up with a computer program that does anything close to a decent job at that particular problem domain. (And even then, Google's suggestions feel like they're coming straight out of left field about half the time.) If you try to do so, what you'll end up with is a massive headache where your program will frequently try to interpret bad input as X, when what the sender really meant was Y.
This is bad for two reasons. The obvious one is because then you have bad data in your system. The less obvious one is that in many cases, neither you nor the sender will realize that anything went wrong until much later down the road when something blows up in your face, and then suddenly you have a big, expensive mess to fix and no idea what went wrong because the noticeable effect is so far removed from the root cause.
This is why the Fail Fast principle exists; save everyone involved the headache by applying it to your APIs.
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
add a comment |
The Robustness Principle--specifically, the "be liberal in what you accept" half of it--is a very bad idea in software. It was originally developed in the context of hardware,
where physical constraints make engineering tolerances very important, but in software, when someone sends you malformed or otherwise improper input, you have two choices. You can either reject it, (preferably with an explanation as to what went wrong,) or you can try to figure out what it was supposed to mean.
Never, never, never choose that second option unless you have resources equivalent to Google's Search team to throw at your project, because that's what it takes to come up with a computer program that does anything close to a decent job at that particular problem domain. (And even then, Google's suggestions feel like they're coming straight out of left field about half the time.) If you try to do so, what you'll end up with is a massive headache where your program will frequently try to interpret bad input as X, when what the sender really meant was Y.
This is bad for two reasons. The obvious one is because then you have bad data in your system. The less obvious one is that in many cases, neither you nor the sender will realize that anything went wrong until much later down the road when something blows up in your face, and then suddenly you have a big, expensive mess to fix and no idea what went wrong because the noticeable effect is so far removed from the root cause.
This is why the Fail Fast principle exists; save everyone involved the headache by applying it to your APIs.
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
add a comment |
The Robustness Principle--specifically, the "be liberal in what you accept" half of it--is a very bad idea in software. It was originally developed in the context of hardware,
where physical constraints make engineering tolerances very important, but in software, when someone sends you malformed or otherwise improper input, you have two choices. You can either reject it, (preferably with an explanation as to what went wrong,) or you can try to figure out what it was supposed to mean.
Never, never, never choose that second option unless you have resources equivalent to Google's Search team to throw at your project, because that's what it takes to come up with a computer program that does anything close to a decent job at that particular problem domain. (And even then, Google's suggestions feel like they're coming straight out of left field about half the time.) If you try to do so, what you'll end up with is a massive headache where your program will frequently try to interpret bad input as X, when what the sender really meant was Y.
This is bad for two reasons. The obvious one is because then you have bad data in your system. The less obvious one is that in many cases, neither you nor the sender will realize that anything went wrong until much later down the road when something blows up in your face, and then suddenly you have a big, expensive mess to fix and no idea what went wrong because the noticeable effect is so far removed from the root cause.
This is why the Fail Fast principle exists; save everyone involved the headache by applying it to your APIs.
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
The Robustness Principle--specifically, the "be liberal in what you accept" half of it--is a very bad idea in software. It was originally developed in the context of hardware,
where physical constraints make engineering tolerances very important, but in software, when someone sends you malformed or otherwise improper input, you have two choices. You can either reject it, (preferably with an explanation as to what went wrong,) or you can try to figure out what it was supposed to mean.
Never, never, never choose that second option unless you have resources equivalent to Google's Search team to throw at your project, because that's what it takes to come up with a computer program that does anything close to a decent job at that particular problem domain. (And even then, Google's suggestions feel like they're coming straight out of left field about half the time.) If you try to do so, what you'll end up with is a massive headache where your program will frequently try to interpret bad input as X, when what the sender really meant was Y.
This is bad for two reasons. The obvious one is because then you have bad data in your system. The less obvious one is that in many cases, neither you nor the sender will realize that anything went wrong until much later down the road when something blows up in your face, and then suddenly you have a big, expensive mess to fix and no idea what went wrong because the noticeable effect is so far removed from the root cause.
This is why the Fail Fast principle exists; save everyone involved the headache by applying it to your APIs.
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
answered 1 hour ago
Mason WheelerMason Wheeler
74.4k18213297
74.4k18213297
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
add a comment |
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
While I agree with the principle of what you're saying, I think you're mistaken WRT the intent of the Robustness Principle. I've never seen it intended to mean, "accept bad data", only, "don't be excessively fiddly about good data". For example, if the input is a CSV file, the Robustness Principle wouldn't be a valid argument for trying to parse out dates in an unexpected format, but would support an argument that inferring colum order from a header row would be a good idea.
– Morgen
14 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
@Morgen: The robustness principle was used to suggest that browsers should accept rather sloppy HTML, and led to deployed web sites being much sloppier than they would have been if browsers had demanded proper HTML. A big part of the problem there, though, was the use of a common format for human-generated and machine-generated content, as opposed to the use of separate human-editable and machine-parsable formats along with utilities to convert between them.
– supercat
3 mins ago
add a comment |
Let's compare the two scenarios and try to come to a conclusion.
Scenario 1
Our application assumes the external API will behave as per the agreement.
Scenario 2
Our application assumes the external API can misbehave, hence add precautions.
In general, there is a chance for any API or software to violate the agreements; may be due to a bug or unexpected conditions. Even an API might be having issues in the internal systems resulting in unexpected results.
If our program is written assuming the external API will adhere to the agreements and avoid adding any precautions; who will be the party facing the issues? It will be us, the ones who has written integration code.
For example, the null values that you have picked. Say, as per the API agreement the response should have not-null values; but if it is suddenly violated our program will result in NPEs.
So, I believe it will be better to make sure your application has some additional code to address unexpected scenarios.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Let's compare the two scenarios and try to come to a conclusion.
Scenario 1
Our application assumes the external API will behave as per the agreement.
Scenario 2
Our application assumes the external API can misbehave, hence add precautions.
In general, there is a chance for any API or software to violate the agreements; may be due to a bug or unexpected conditions. Even an API might be having issues in the internal systems resulting in unexpected results.
If our program is written assuming the external API will adhere to the agreements and avoid adding any precautions; who will be the party facing the issues? It will be us, the ones who has written integration code.
For example, the null values that you have picked. Say, as per the API agreement the response should have not-null values; but if it is suddenly violated our program will result in NPEs.
So, I believe it will be better to make sure your application has some additional code to address unexpected scenarios.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Let's compare the two scenarios and try to come to a conclusion.
Scenario 1
Our application assumes the external API will behave as per the agreement.
Scenario 2
Our application assumes the external API can misbehave, hence add precautions.
In general, there is a chance for any API or software to violate the agreements; may be due to a bug or unexpected conditions. Even an API might be having issues in the internal systems resulting in unexpected results.
If our program is written assuming the external API will adhere to the agreements and avoid adding any precautions; who will be the party facing the issues? It will be us, the ones who has written integration code.
For example, the null values that you have picked. Say, as per the API agreement the response should have not-null values; but if it is suddenly violated our program will result in NPEs.
So, I believe it will be better to make sure your application has some additional code to address unexpected scenarios.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Let's compare the two scenarios and try to come to a conclusion.
Scenario 1
Our application assumes the external API will behave as per the agreement.
Scenario 2
Our application assumes the external API can misbehave, hence add precautions.
In general, there is a chance for any API or software to violate the agreements; may be due to a bug or unexpected conditions. Even an API might be having issues in the internal systems resulting in unexpected results.
If our program is written assuming the external API will adhere to the agreements and avoid adding any precautions; who will be the party facing the issues? It will be us, the ones who has written integration code.
For example, the null values that you have picked. Say, as per the API agreement the response should have not-null values; but if it is suddenly violated our program will result in NPEs.
So, I believe it will be better to make sure your application has some additional code to address unexpected scenarios.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 hours ago
lkamallkamal
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 hours ago
lkamallkamal
1413
answered 3 hours ago
lkamallkamal
1413
1413
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
lkamal is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
You should always validate incoming data -- user-entered or otherwise -- so you should have a process in place to handle when the data retrieved from this external API is invalid.
Generally speaking, any seam where extra-orgranizational systems meet should require authentication, authorization (if not defined simply by authentication), and validation.
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
add a comment |
You should always validate incoming data -- user-entered or otherwise -- so you should have a process in place to handle when the data retrieved from this external API is invalid.
Generally speaking, any seam where extra-orgranizational systems meet should require authentication, authorization (if not defined simply by authentication), and validation.
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
add a comment |
You should always validate incoming data -- user-entered or otherwise -- so you should have a process in place to handle when the data retrieved from this external API is invalid.
Generally speaking, any seam where extra-orgranizational systems meet should require authentication, authorization (if not defined simply by authentication), and validation.
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
You should always validate incoming data -- user-entered or otherwise -- so you should have a process in place to handle when the data retrieved from this external API is invalid.
Generally speaking, any seam where extra-orgranizational systems meet should require authentication, authorization (if not defined simply by authentication), and validation.
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
answered 3 hours ago
StarTrekRedneckStarTrekRedneck
1691
1691
add a comment |
add a comment |
Thanks for contributing an answer to Software Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsoftwareengineering.stackexchange.com%2fquestions%2f385497%2fshould-you-expect-unexpected-values-from-external-apis%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
4
What are the impacts of not handling those unexpected values if they are returned? Can you live with these impacts? Is it worth the complexity to handle those unexpected values to prevent having to deal with the impacts?
– Vincent Savard
3 hours ago
@VincentSavard I know I won't get an absolute answer without this data, but I'm looking for an in general answer.
– Adam Thompson
2 hours ago
4
If you're expecting them, then by definition they're not unexpected.
– Mason Wheeler
2 hours ago
Possible duplicate of Differences between Design by Contract and Defensive Programming
– gnat
1 hour ago
There is no general answer. Ideally you make the software fail and log an error. But if you cannot fix the error, that doesn't do much good for the user.
– Frank Hileman
1 hour ago