On 2022-03-21, Gregory P. Smith wrote: > TL;DR - PEP 675 allows type checkers to help prevent bugs allowing > attacker-controlled data to be passed to APIs that declare themselves as > requiring literal, in-code strings.
Great idea. I did something like this for HTML templating in the Quixote web framework (to avoid XSS bugs). I did it as a special kind of module with a slightly different compiler (using AST transform). With the LiteralString feature, I can implement the same kind of thing directly in Python. _______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/LVLMHYESDODJCH57KSEY6AAVM65IMYYD/ Code of Conduct: http://python.org/psf/codeofconduct/
