gotham-rs / gotham

A flexible web framework that promotes stability, safety, security and speed.

Home Page: https://gotham.rs

How is security enforced?

tyoc213 opened this issue · comments

I mean, I have been using web2py, which has security in its project description (just like Gotham), and in the docs it is explained like this: http://www.web2py.com/book/default/chapter/01#Security So how is security enforced in Gotham? Or is it only by Rust (so all other Rust frameworks could also put "secure" in their description)?

Thanks.

Security is an ongoing and continual concern in the design and discussion process of Gotham. It's a lighter-touch framework than web2py, and as a result it can't protect developers to the same degree. That said, I'll candidly express some misgivings about using the OWASP Top Ten as a checklist for framework development.

Yes, please do, and it would be nice if security were "documented" or expressed in some place.

Maybe (just saying) "Its dependencies are built with security in mind. Enjoy default protection from injection attacks, data integrity checks, and secure cookie generation on the client side."