Or we can use type systems to automatically escape. No more XSS injections _and_... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		theamk on May 26, 2023 \| parent \| context \| favorite \| on: That people produce HTML with string templates is ... Or we can use type systems to automatically escape. No more XSS injections _and_ still as easy as string concatenation. Python's MarkupSafe (used in jinja) and go's html/template are good examples.

jameshart on May 26, 2023 [–]

That would be in the category of ‘better tools for making grammatical structures’.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact