[prev in list] [next in list] [prev in thread] [next in thread] 

List:       python-dev
Subject:    [Python-Dev] Re: Accepting PEP 675 - Arbitrary Literal String Type
From:       Neil Schemenauer <nas-python () arctrix ! com>
Date:       2022-03-21 20:42:00
Message-ID: YjjjGLqLjq7Qg+dq () python ! ca
[Download RAW message or body]

On 2022-03-21, Gregory P. Smith wrote:
> TL;DR - PEP 675 allows type checkers to help prevent bugs allowing
> attacker-controlled data to be passed to APIs that declare themselves as
> requiring literal, in-code strings.

Great idea.  I did something like this for HTML templating in the
Quixote web framework (to avoid XSS bugs).  I did it as a special
kind of module with a slightly different compiler (using AST
transform).  With the LiteralString feature, I can implement the
same kind of thing directly in Python.
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-leave@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/LVLMHYESDODJCH57KSEY6AAVM65IMYYD/
 Code of Conduct: http://python.org/psf/codeofconduct/


[prev in list] [next in list] [prev in thread] [next in thread]