Defensive Development Failure

In the past, I have argued that devensive development is a useful tool to ensure unexpected exceptions are not introduced into a piece of software as well as ensuring that the error conditions are handled in an appropriate manner. Unfortunately, if defensive development is implemented poorly, it achieves none of its goals and can cause errors and exceptions to occur. One example that I found while reviewing some code recently is below:

var func = function(objParam1) {
	var isValid = true,
    	status;
    if(objParam1 === null) {
    	isValid = false;
        status = "failure";
    }
    if(objParam1.value1 === null) {
    	isValid = false;
        status = "failure 2";
    }
    if(isValid === false) {
    	return status;
    }
    /* Do Stuff Here */
};

So, do you see what the problem is here? The issue is that while we are properly detecting that objParam1 is null, we do not short-circuit the execution of the code, instead allowing it to fall into the check on objParam1.value1 and whether it is null. However, null does not have a member named value1. In JavaScript, this would trigger an unhandled exception and prevent the execution of other JavaScript on the page.

The correct way to write the above code in a Defensive Development method would be as follows:

var func = function(objParam1) {
    if(objParam1 === null) {
    	return "failure";
    }
    if(objParam1.value1 === null) {
    	return "failure 2";
    }
    /* Do Stuff Here */
};

As you can see, this code is much more concise, and fails fast, ensuring the least amount of code is executed as is possible.

Tags:
comments powered by Disqus

Related Posts

Why Use AddThis.com Sharing Buttons

AddThis.com produces a bit of JavaScript that enables website owners to quickly and easily add social sharing buttons/links to their website. In addition to allowing users to easily share your content socially, they also provide analytics information about what content is shared via which method, giving a greater insight into visitor behavior. However, just because it provides these benefits to websites does not necessarily mean that it is a good tool to implement on your website.

Read More

Avoid SiteCatalyst's useForcedLinkTracking and target="_blank"

All sites rely upon some third party analytics software to track at the very least the number of visitors to a site. Many sites use Google Analytics, which provide much more information that just the number of visitors. Another option that some of the bigger sites use is Adobe Analytics, aka SiteCatalyst to enable more custom tracking options that are not evident through the Google Analytics interface. One feature of SiteCatalyst is that it allows you to set an option useForcedLinkTracking that will track every link on your site for clicks whether or not you have setup custom tracking for the links or not.

Read More

Defensive Development - Fail Fast or Go Home

Defensive Development is a programming practice that is frequently misunderstood, but is nevertheless a critical practice to follow when working in many environments. I have seen articles written that argue that defensive development simply causes nonsensical null checks to be written, and as a result of seeing people writing bad code defensively, argues that no one should practice defensive development. There are other articles that, like many things in software development, argue that you should always use defensive development for everything.

Read More