Review risks of leaking internal variables

Question

rabdill opened this issue 6 years ago · comments

If someone posts a paper with a string that will print a password, that would not be ideal
http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/

Rich Abdill · Answer 1 · Wed Oct 24 2018 10:39:50 GMT+0800 (China Standard Time)

This is only a problem if you call .format() ON user input, not passing user input TO .format(), nevermind