Well they have done it once again. Microsoft has never been know to conform to what the world of software engineering classes as best practises. They are also known not to confirm to widely published standards.
This is true in their Internet Explorer browser (although with the new versions they seem to be getting there) and other products. Yes I know that is how they make money but it is also the way they are losing a great deal of potential customers.
I was investigating the SvcUtil tool earlier and was asked to figure out how to enforce the declarations in the XSD limiting the length of string values. Now it would make sense for a client to support this right? Well not according to Microsoft. The XSD.exe utility also doesn’t support doing this.
The ONLY reason I can figure Microsoft didn’t do this is because they believe that the service should truncate and enforce the maximum lengths of the strings being supplied. While this might have you nodding your head going “ah yes, well then they have a valid point” my next question to you is, why is that valid?
Sure the contract needs to be enforced on the server side, that is a given. If it is not enforced on the server side it is not really a contract is it? However, does this mean that we should allow huge sets of string data to be transmitted if the first 250 characters are going to be consumed? I don’t think that is viable as you are polluting a call that was probably designed to be as efficient as possible. Still not convinced?
Well let me throw it back to the consumer or client. If you are generating a client for a web service and you have not explicitly checked the XSD will you be aware of the restrictions? Well you won’t if you haven’t checked it. Then next thing is this. If the validation of those maximum lengths has fallen to the client to verify, how are you going to do that? How are you going to know that string you are submitting must only be a length of 200 characters? The only way you can do this is to verify that the restriction exists inside the XSD and then implement some sort of check on the field with a message letting you if the max length is exceeded.
While this might seem like a viable solution, I am incline to disagree. There is a significant amount of work attached to doing this and if the contract should change for what ever reason, you will have to go back and find all the places you have implemented this.
I will be contacting Microsoft with regard to this and try and figure out their thinking behind it and if there is a road map to fix it. Until then, if you have any ideas or suggestions please let me know.
No comments:
Post a Comment