On 2022-03-21, Gregory P. Smith wrote:
> TL;DR - PEP 675 allows type checkers to help prevent bugs allowing
> attacker-controlled data to be passed to APIs that declare themselves as
> requiring literal, in-code strings.

Great idea.  I did something like this for HTML templating in the
Quixote web framework (to avoid XSS bugs).  I did it as a special
kind of module with a slightly different compiler (using AST
transform).  With the LiteralString feature, I can implement the
same kind of thing directly in Python.
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at 
https://mail.python.org/archives/list/python-dev@python.org/message/LVLMHYESDODJCH57KSEY6AAVM65IMYYD/
Code of Conduct: http://python.org/psf/codeofconduct/
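
An added example, not part of the original message and not Quixote's code: a minimal sketch of the HTML-templating idea discussed above, built on PEP 675's LiteralString. The names Markup, _escape, COMMENT and render_comment are hypothetical; the literal-only constraint is enforced by a type checker, not at runtime.

```python
from __future__ import annotations
import html

try:
    from typing import LiteralString  # Python 3.11+
except ImportError:  # older interpreters: alias so the module still runs
    LiteralString = str  # type: ignore[misc,assignment]


class Markup:
    """HTML text that is trusted because of how it was constructed."""

    __slots__ = ("_text",)

    def __init__(self, template: LiteralString) -> None:
        # A PEP 675-aware checker only accepts in-code literals here, e.g.
        #   Markup("<p>" + user_input + "</p>")   # flagged: str is not LiteralString
        self._text = template

    @classmethod
    def _trusted(cls, text: str) -> Markup:
        # Internal constructor for output of format(); callers never use it.
        obj = cls.__new__(cls)
        obj._text = text
        return obj

    def format(self, *args: object, **kwargs: object) -> Markup:
        # Every substituted value is escaped unless it is already Markup.
        safe_args = [_escape(a) for a in args]
        safe_kwargs = {k: _escape(v) for k, v in kwargs.items()}
        return Markup._trusted(self._text.format(*safe_args, **safe_kwargs))

    def __str__(self) -> str:
        return self._text


def _escape(value: object) -> str:
    if isinstance(value, Markup):
        return str(value)  # already safe, do not double-escape
    return html.escape(str(value), quote=True)


COMMENT = Markup('<p class="comment"><b>{author}</b>: {body}</p>')


def render_comment(author: str, body: str) -> Markup:
    # author and body are untrusted strings; they can only enter the page
    # through format(), which escapes them.
    return COMMENT.format(author=author, body=body)
```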