Be Careful with Python’s New-Style String Format

This should have been obvious to me for a longer time, but until earlier
today I did not really realize the severity of the issues caused by
str.format on untrusted user input. It came up as a way to bypass the
Jinja2 Sandbox in a way that would permit r…

Read full article

Similar

Python dictionary algorithm and hash table vulnerability

Short description of an algorithm for python dictionary, and hash table attack... (more…)

Python at Scale: Strict Modules

Welcome to the third post in our series on Python at scale at Instagram! As we mentioned in the first post in the series, Instagram Server… (more…)

Customizing class creation in Python

When one thinks of ways of customizing classes at creation time, people probably typically think of metaclasses and class decorators. Metaclasses are at typically viewed as the beginning of class creation while class decorators are at the end. But what yo... (more…)

ciso8601: Fast ISO8601 date time parser for Python written in C

Fast ISO8601 date time parser for Python written in C - GitHub - closeio/ciso8601: Fast ISO8601 date time parser for Python written in C... (more…)

Japronto micro-framework: Million requests per second with Python

Is it possible? Probably not until recently. Many large companies have been investigating migrating to other programming languages to boost…...

Latest News

Workers could be the ones to regulate AI

Quality of JavaScript and TypeScript Applications on GitHub

Sob story about dead grandma tricks Microsoft AI into solving CAPTCHA