[prev in list] [next in list] [prev in thread] [next in thread]
List: python-dev
Subject: [Python-Dev] Re: Accepting PEP 675 - Arbitrary Literal String Type
From: Neil Schemenauer <nas-python () arctrix ! com>
Date: 2022-03-21 20:42:00
Message-ID: YjjjGLqLjq7Qg+dq () python ! ca
[Download RAW message or body]
On 2022-03-21, Gregory P. Smith wrote:
> TL;DR - PEP 675 allows type checkers to help prevent bugs allowing
> attacker-controlled data to be passed to APIs that declare themselves as
> requiring literal, in-code strings.
Great idea. I did something like this for HTML templating in the
Quixote web framework (to avoid XSS bugs). I did it as a special
kind of module with a slightly different compiler (using AST
transform). With the LiteralString feature, I can implement the
same kind of thing directly in Python.
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-leave@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/LVLMHYESDODJCH57KSEY6AAVM65IMYYD/
Code of Conduct: http://python.org/psf/codeofconduct/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic