by rini17 2674 days ago
Does Rust allow for taint analysis too, like Perl has had for a long time? If not, I'd say it's a missed opportunity.

(It marks all untrusted input as tainted and programmer must explicitly parse the data or mark them untainted to pass them further.)

3 comments

In Rust, or any statically typed language such as C++ or Java, the idiomatic way to handle untrusted input is to treat it as a "bag of bytes" before you access it. Then either parse it into a strongly typed object or bail out of parsing. The strongly typed object is safe to use. Bailing out (throwing an exception or returning an error type) does not allow the program to continue assuming that the (malformed) input was correct.
More to the point, you should put untrusted input into a different type from trusted input. As much as I admire the design of the servlet API, I think the biggest mistake is that everything is transmitted as Strings. The input characters should have had a different type than the output characters.
There's not a language feature to do so, but you can do it through the type system if you wish.
That's a feature that might work well with some plausible ways of guaranteeing memory safety in a type system because object reachability is a form of taintedness.
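The "do it through the type system" approach the replies above describe, written out as an added example (not code posted by anyone in this thread): untrusted bytes are wrapped in a newtype that exposes no accessors, so the only way to get data out is a parse step that either produces a validated type or returns an error. The `Untrusted`, `Username`, `ParseError` and `handle_login` names, and the sample inputs, are this example's own inventions, and the username rules (ASCII alphanumeric or underscore, at most 32 bytes) are an assumed policy.

```rust
// Added example: taint-by-type in Rust. Nothing here comes from the thread.

/// Bytes from outside the trust boundary. No Deref, no Display, no getters:
/// the only way out is `parse_with`, which yields a typed value or an error.
#[derive(Debug)]
pub struct Untrusted(Vec<u8>);

impl Untrusted {
    pub fn from_external(bytes: &[u8]) -> Untrusted {
        Untrusted(bytes.to_vec())
    }

    /// Consumes the tainted value; the parser decides what (if anything) is trusted.
    pub fn parse_with<T, E>(self, parser: impl FnOnce(&[u8]) -> Result<T, E>) -> Result<T, E> {
        parser(&self.0)
    }
}

/// A validated username. The field is private, so the only constructor is `parse`.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Username(String);

#[derive(Debug, PartialEq, Eq)]
pub enum ParseError {
    Empty,
    TooLong(usize),
    BadChar(u8),
}

impl Username {
    /// Assumed policy for this example: 1..=32 bytes, ASCII alphanumeric or '_'.
    pub fn parse(raw: &[u8]) -> Result<Username, ParseError> {
        if raw.is_empty() {
            return Err(ParseError::Empty);
        }
        if raw.len() > 32 {
            return Err(ParseError::TooLong(raw.len()));
        }
        if let Some(&b) = raw.iter().find(|b| !(b.is_ascii_alphanumeric() || **b == b'_')) {
            return Err(ParseError::BadChar(b));
        }
        // Every byte is ASCII at this point, so UTF-8 conversion cannot fail.
        Ok(Username(String::from_utf8(raw.to_vec()).expect("ascii bytes are valid utf-8")))
    }

    pub fn as_str(&self) -> &str {
        &self.0
    }
}

/// A sink that only accepts the validated type; it cannot be handed `Untrusted`.
pub fn greet(user: &Username) -> String {
    format!("welcome, {}", user.as_str())
}

/// Request handler: tainted in, parsed, then used. Bailing out with `?` means
/// no code after the parse ever runs on malformed input.
pub fn handle_login(input: Untrusted) -> Result<String, ParseError> {
    let user = input.parse_with(Username::parse)?;
    Ok(greet(&user))
}

fn main() {
    // Constructed sample inputs standing in for bytes read off a socket.
    let inputs: [&[u8]; 3] = [b"alice_42", b"", b"bob smith"];
    for raw in inputs {
        match handle_login(Untrusted::from_external(raw)) {
            Ok(msg) => println!("ok: {msg}"),
            Err(e) => println!("rejected {:?}: {e:?}", String::from_utf8_lossy(raw)),
        }
    }
}
```

The point of the design is what the compiler refuses: `greet(&Untrusted(..))` does not type-check, and there is no `Deref`, `AsRef` or public field on `Untrusted`, so a reviewer only has to audit the `parse_with` call sites to find every place taint is removed.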