Am Do., 10. Juni 2021 um 17:56 Uhr schrieb Stephen J. Turnbull <
turnbull.stephen...@u.tsukuba.ac.jp>:
> Thomas Güttler writes:
>
> > This really helps developers to avoid cross-site-scripting attacks
> > by enabling a secure escaping of all strings which are not
> > explicitly marked as safe.
Thomas Güttler writes:
> Am Fr., 11. Juni 2021 um 03:17 Uhr schrieb Stephan Hoyer :
> > Unevaluated f-strings is a nice way to think about this
> > functionality.
But they're not "unevaluated" in a lot of important ways. A better
term might be "pre-assembled". :-)
> > Another use-case that
Am Fr., 11. Juni 2021 um 11:10 Uhr schrieb Stephen J. Turnbull <
turnbull.stephen...@u.tsukuba.ac.jp>:
> Thomas Güttler writes:
> > Am Fr., 11. Juni 2021 um 03:17 Uhr schrieb Stephan Hoyer <
> sho...@gmail.com>:
>
> > > Unevaluated f-strings is a nice way to think about this
> > > functionality
On Fri, Jun 11, 2021 at 10:01:06AM +1000, Cameron Simpson wrote:
> Another thing to keep in mind with any syntax suggestion (not that it
> applies well here, because really, what else can your suggestion mean?)
> it that every addition syntax is a detour into the unused space of
> possible toke
I think this idea is promising but instead of doing it by adding new syntax
and a totally different object, why not attach a __templates__ dunder
member to every string but only OPTIONALLY populate it when a string is
formatted?
For every regular string it would just be None:
>>> "".__template__
Dear Python developers,
It would be helpful, if the following issue with copy-pasting python
code-snippets into the standard shell console, could be investigated and
corrected.
https://stackoverflow.com/questions/2501208/copying-and-pasting-code-into-the-python-interpreter
In particular, cop
non sequitur
Route functions as seen in flask or fastapi.
These functions are often decorated by a route, and may not apply here but
are often found with routes that return a page that doesn't take parameters
such as a home page or a contact page.
On Thu, Jun 10, 2021, 10:30 PM Cameron Simpson
Am Fr., 11. Juni 2021 um 14:51 Uhr schrieb Ricky Teachey :
> I think this idea is promising but instead of doing it by adding new
> syntax and a totally different object, why not attach a __templates__
> dunder member to every string but only OPTIONALLY populate it when a string
> is formatted?
>
On Fri, Jun 11, 2021 at 10:12 AM Thomas Güttler
wrote:
>
>
> Am Fr., 11. Juni 2021 um 14:51 Uhr schrieb Ricky Teachey <
> ri...@teachey.org>:
>
>> I think this idea is promising but instead of doing it by adding new
>> syntax and a totally different object, why not attach a __templates__
>> dunde
El jue, 10 jun 2021 a las 19:30, Cameron Simpson () escribió:
> On 11Jun2021 10:01, Cameron Simpson wrote:
> >So your idea does not suck. But it may not motivate anyone to implement
> >it, or even to agreed that it should be implemented.
>
> It also struck me: functions with _no_ parameters are p
On Fri, Jun 11, 2021 at 7:47 AM Jelle Zijlstra
wrote:
>
> El jue, 10 jun 2021 a las 19:30, Cameron Simpson ()
> escribió:
>
>> On 11Jun2021 10:01, Cameron Simpson wrote:
>>
>> It also struck me: functions with _no_ parameters are pretty rare.
>>
>> [...]
>>
> I got curious so I checked a large c
Thomas Güttler writes:
> I don't understand what you mean with "pragma
> %conditional_escape_everything".
> Could you please elaborate?
"Pragma" just means it's a way to switch on conditional_escape for all
template variable accesses for the rest of the file.
The main point is that Django alr
On Fri, Jun 11, 2021 at 2:37 AM Thomas Güttler
wrote:
> If you don't create HTML with Python daily, then you might not feel the
> pain.
>
If you create many HTML strings daily, then you will be typing `foo=foo,
> bar=bar` (to pass the variables
> into the template) over and over again.
> My goal
13 matches
Mail list logo
