[vouwfietsman]

Not sure the escaping/sanitizing proposition can hold a candle to the overwhelming performance dumpster fire that is modern web dev.

[carlmr]

I was going to say this sounds like optimizing the stuff that takes 0.1% of runtime for performance over safety.

Of course you'd need to measure this for your application, but without a performance measurement maybe it's better to default to security.