by jeltz
5317 days ago
Yeah, that is how I expect a templating system to work. The one in Rails (modified ERB) works in the same way. It has a SafeBuffer (name taken from memory) class which is a subclass of String. Strings can be converted into the safe class either by escaping or through unsafe conversion, which means that we say the string is safe.
http://weblog.rubyonrails.org/
I'm not that familiar with lift and Yesod, but it seems like they're both able to use compile-time checks as additional layers of protection.
https://github.com/dpp/liftweb/wiki/lifts-security
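
The safe-string pattern described in the thread above, as an added Ruby sketch that is not part of the original posts and is not Rails' own code. `SafeString`, `escape`, `trust` and `render_greeting` are hypothetical names, and the escaping table stands in for a real HTML escaper.

```ruby
# Minimal model of a "safe buffer": a String subclass whose type records
# that its content is already fit for HTML output.
class SafeString < String
  HTML_ESCAPES = {
    "&" => "&amp;", "<" => "&lt;", ">" => "&gt;",
    '"' => "&quot;", "'" => "&#39;"
  }.freeze

  # Escaping path: untrusted text becomes safe by being HTML-escaped.
  # Already-safe values pass through unchanged, which prevents double escaping.
  def self.escape(value)
    return value if value.is_a?(SafeString)
    new(value.to_s.gsub(/[&<>"']/, HTML_ESCAPES))
  end

  # Unsafe conversion: the caller asserts the text is safe markup.
  # Nothing is checked here, so every call site is something to audit.
  def self.trust(value)
    new(value.to_s)
  end

  # Appending escapes anything that is not already a SafeString, so a
  # plain String can never reach the output unescaped by accident.
  def concat(other)
    super(SafeString.escape(other))
  end

  def <<(other)
    concat(other)
  end
end

# Template-like usage: literal markup is trusted, the parameter is not.
def render_greeting(name)
  out = SafeString.trust("<p>Hello, ")
  out << name
  out << SafeString.trust("</p>")
  out
end

if __FILE__ == $PROGRAM_NAME
  puts render_greeting("<script>alert(1)</script>") # constructed sample input
  puts render_greeting(SafeString.trust("<b>admin</b>"))
end
```

The second call shows the cost of the unsafe conversion: whatever is passed to `trust` is emitted verbatim, so reviews should concentrate on those call sites.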