I'm curious about the assertion that Weasyl "appears to be hand-coded"; by that do you mean that it's 100% from scratch? I know that it's coded in Python, and I'd be rather surprised if it isn't built on a web framework, which -- at least if you're using them right -- should be pretty robust against most common security vulnerabilities. (I know both Django and Flask have a substantial set of extensions to build with; I'm not too familiar with Pyramid yet but I'd assume something similar.)
— Chipotle