Taint. Input validation in ReAssure makes use of Ruby taint tracking. All input read from web forms is validated with regular expressions or type and range checks (for integers), and then untainted. In this manner, any input that somehow bypassed validation (through a bug) remains tainted and should be detected.

Input read from the web goes through the CGI.unescapeHTML function, and data output to web pages goes through the function CGI.escapeHTML. Because these operations are reversible, we avoid the problem in which special characters such as < could be HTML-escaped repeatedly.

Database. Data is stored in the database using prepared statements. This escapes any dangerous inputs (see the section on the database for a more advanced and detailed discussion of stored procedures and prepared statements). Only validated data is stored in the database. Therefore, data read from the database is not validated again.

Implementation Details. We found it convenient to create a parent class, "Validator", whose children store all the data to be read from the web and stored in the database. The idea is to have objects that know how to display themselves in forms, how to validate the returned values, and how to display themselves as results. Validation may take the form of a regular expression, membership in a list of allowed values, etc. Validators can raise their own error type, "InvalidInput". The following UML diagram shows all the variants of the Validator class:
[UML diagram of the Validator class variants]
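
An added sketch of the Validator pattern described above, not ReAssure's own code: only the names Validator and InvalidInput come from the page, while the three subclasses, the Clean wrapper and every method name are assumptions. Taint tracking was removed in Ruby 3.2, so the Clean wrapper stands in here for the "validated and untainted" state.

```ruby
require 'cgi'

class InvalidInput < StandardError; end

# Stand-in for the taint flag (taint was removed in Ruby 3.2): by convention only
# Validator#validate builds a Clean, so a raw String has skipped validation.
Clean = Struct.new(:value)

class Validator
  def initialize(name, rule)
    @name = name
    @rule = rule # a Regexp, an Array of allowed values, or a Range
  end

  # Web input -> unescape -> subclass check -> Clean, or raise InvalidInput.
  def validate(raw)
    reject('missing') if raw.nil?
    Clean.new(check(CGI.unescapeHTML(raw.to_s)).freeze)
  end

  # Output side: refuse unvalidated values, HTML-escape the rest.
  def display(clean)
    reject('not validated') unless clean.is_a?(Clean)
    CGI.escapeHTML(clean.value.to_s)
  end

  private

  def reject(why)
    raise InvalidInput, "#{@name}: #{why}"
  end
end

class RegexValidator < Validator
  def check(str) # the rule should use \A..\z; ^ and $ match per line in Ruby
    str.match?(@rule) ? str : reject('bad format')
  end
end

class ListValidator < Validator
  def check(str)
    @rule.include?(str) ? str : reject('not an allowed value')
  end
end

class IntRangeValidator < Validator
  def check(str)
    reject('not an integer') unless str.match?(/\A-?\d{1,9}\z/)
    @rule.cover?(str.to_i) ? str.to_i : reject('out of range')
  end
end
```

A value that reaches display without having gone through validate raises InvalidInput, which is the same failure mode the taint check provides.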