- Avoid `{-# LANGUAGE UnsafeFFI #-}` and `unsafePerformIO` outside of well-tested, isolated FFI wrappers — they break referential transparency and can introduce data races.
- Use `aeson`'s `genericParseJSON` with explicit field modifiers rather than manual `parseJSON` to reduce the risk of missing required fields.
- Use `crypton` (the maintained fork of `cryptonite`) for cryptographic primitives — never implement custom cipher or hash routines.
- Validate all external input at the boundary using `megaparsec` or `attoparsec` parsers that reject malformed data before it reaches business logic.
- Use `postgresql-simple`'s `Only` and `In` query parameter types or `persistent`'s typed queries — never splice raw `Text` into SQL strings.
- Use `Web.HttpApiData` or `servant`'s typed routing to decode and validate URL parameters — avoid manual `read` on user-supplied strings.
- Redact sensitive values from log output by wrapping them in a `newtype` with a custom `Show` instance that prints `***REDACTED***`.
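
The boundary-validation item above, as an added example (not code from the original page): an `attoparsec` parser that turns untrusted `Text` into a validated type and rejects anything malformed, including trailing input. The `Username` type, its 3-32 character policy and the sample inputs are assumptions made for the illustration.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import           Control.Monad        (when)
import           Data.Attoparsec.Text (Parser, endOfInput, parseOnly, satisfy,
                                       takeWhile)
import           Data.Char            (isAsciiLower, isDigit)
import           Data.Text            (Text)
import qualified Data.Text            as T
import           Prelude              hiding (takeWhile)

-- Hypothetical domain type. In a real module the constructor would not be
-- exported, so a Username could only be obtained through parseUsername.
newtype Username = Username Text
  deriving (Eq, Show)

-- Assumed policy for this example: 3-32 characters, the first a lowercase
-- ASCII letter, the rest lowercase ASCII letters, digits or '_'.
usernameP :: Parser Username
usernameP = do
  first <- satisfy isAsciiLower
  rest  <- takeWhile (\c -> isAsciiLower c || isDigit c || c == '_')
  let name = T.cons first rest
  when (T.length name < 3 || T.length name > 32) $
    fail "username must be 3-32 characters"
  -- parseOnly does not require the parser to consume all input; without
  -- endOfInput a valid prefix followed by arbitrary bytes would be accepted.
  endOfInput
  pure (Username name)

-- The only entry point business logic should use for untrusted input.
parseUsername :: Text -> Either String Username
parseUsername = parseOnly usernameP

main :: IO ()
main = mapM_ report samples
  where
    report t = putStrLn (show t ++ " -> "
                         ++ either ("rejected: " ++) show (parseUsername t))
    -- Constructed sample inputs: one valid, then too short, uppercase,
    -- trailing newline, and trailing extra characters.
    samples = ["alice_01", "al", "Alice", "alice\n", "alice extra"]
```

Only the first sample is accepted; the last two are rejected by `endOfInput`, the check most often forgotten when a parser is used as a validator.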