| ▲ | davepeck 9 days ago | |
> the Template -> string function There is no such function; Template.__str__() returns Template.__repr__() which is very unlikely to be useful. You pretty much have to process your Template instance in some way before converting to a string. | ||
| ▲ | ratorx 9 days ago | parent [-] | |
Right, but it is possible to write a template -> string function that doesn’t sanitise and use it (or more realistically use the wrong one). Just as it’s possible to unsafely cast an unsafe string to a sanitised one and use it (rather than use a sanitise function that returns the wrapper type). They are both similar in their unsafety. | ||