
This new, awesome site is using the framework Yesod[0], which is kinda like the Rails of the Haskell world, only it can do rad stuff like prevent XSS and 404s at compile time. Yes, you read that right.

[0] http://www.yesodweb.com/



You know what is REALLY cool? Almost all Haskell web frameworks use the Web Application Interface[0], which is a unified interface for Haskell web applications. This means you can mount web applications written in OTHER frameworks under your routes and vice versa.

[0] http://www.stackage.org/package/wai


Yeah, WSGI was also cool when it appeared for Python, back in 2003.


Is WAI that popular? I thought Yesod/Scotty used it, but Snap/Happstack did not.


Btw, there's also a Sinatra-inspired framework – scotty (https://github.com/scotty-web/scotty)


"Bare" snap (snap-core and snap-server) are Sinatra-like too.


It sounds like the feature you're highlighting here is static checking at compile-time of how routes are going to resolve at run-time. Is that right?

Afaict Perl 6 covers this case:

http://jnthn.net/papers/2015-fosdem-static-dynamic.pdf#page=...

Or am I missing something?


Yesod is a real gem, been using it for most of our web applications and I discover new great things about it every day.


How does it prevent XSS?


2. XSS injection. Any html coming back from a form will be efficiently sanitized just once on arrival. Unsanitized strings will be sanitized before being displayed.

http://www.yesodweb.com/page/about

I suspect this is accomplished through safe vs. unsafe types. Imagine the only function from `unsafe___` to `safe___` is the escape function, and all functions giving text back in responses are required to be of type `safe___`.
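The safe vs. unsafe type idea from the comment above, as an added Haskell sketch that is not part of the thread and is not Yesod's own code. `Unsafe`, `Safe`, `escape`, `tag` and `respond` are hypothetical names, and the `text` package is assumed.

```haskell
{-# LANGUAGE OverloadedStrings #-}
-- Added illustration; every name here is hypothetical, not Yesod's API.
module Main (main) where

import           Data.Text (Text)
import qualified Data.Text as T
import qualified Data.Text.IO as TIO

-- Untrusted input, for example a submitted form field.
newtype Unsafe = Unsafe Text

-- Markup that may be written into a response. In a real code base this
-- type would live in its own module that does NOT export the constructor,
-- so application code can only obtain a Safe through the functions below.
newtype Safe = Safe Text

-- The only conversion from Unsafe to Safe: HTML-escape every character
-- that is significant in element content or attribute values.
escape :: Unsafe -> Safe
escape (Unsafe t) = Safe (T.concatMap esc t)
  where
    esc '<'  = "&lt;"
    esc '>'  = "&gt;"
    esc '&'  = "&amp;"
    esc '"'  = "&quot;"
    esc '\'' = "&#39;"
    esc c    = T.singleton c

-- Wrap already-safe content in an element. The tag name is assumed to be
-- a developer-written literal, never request data.
tag :: Text -> Safe -> Safe
tag name (Safe body) =
  Safe ("<" <> name <> ">" <> body <> "</" <> name <> ">")

-- The response writer accepts Safe and nothing else.
respond :: Safe -> IO ()
respond (Safe t) = TIO.putStrLn t

main :: IO ()
main = do
  let comment = Unsafe "<script>alert(1)</script>"  -- constructed sample input
  respond (tag "p" (escape comment))
  -- Both lines below fail to type-check, because an Unsafe is not a Safe:
  -- respond comment
  -- respond (tag "p" comment)
```

The guarantee depends on hiding the `Safe` constructor behind a module boundary; any exported function that builds a `Safe` from raw text without escaping reopens the hole.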


Tell me more about preventing 404 at compile time. I call http://www.yesodweb.com/bullshit


Presumably the idea is that you can prevent your site having broken internal links by constructing links with data types and checking the links when creating them at compile time. You could actually do something similar in most languages, even dynamic ones, so I don't see what is specific to Haskell about it, e.g. Rails has link_to and friends which require you to have a route set up in order to link to it (though not compile time). Golang has similar protection for XSS and reverse routes on routers if you require it so again not specific to Haskell.

Clearly you won't be able to prevent (nor would you want to) links like yours above from being a 404, so perhaps no more internal 404s would be more accurate.


Let's be fair here, while you can detect invalid internal links in dynamic languages at runtime, the end result is basically the same for the user - a 404 or a 503 are equally bad in this case.

That's the advantage of compiled languages over dynamic ones in these kinds of scenarios: you sacrifice immediate feedback during development to gain a guarantee from the compiler that all invariants you embedded in the application uphold. And the more powerful the language/compiler combination, the more compile-time guarantees you can specify.


Users of dynamic languages tend to use tests to check for errors that stronger types might catch (like broken links), but I agree having a formal guarantee is a slight advantage, though not specific to Haskell. Golang for example could easily provide similar checking.

The linked website is beautifully done, and the language does look interesting, I just find the hyperbole about static types making websites magically secure a little over-egged - it's still easy to mess up security or create subtle bugs even if you have strong guarantees about some parts of your code at compile time provided by types.


Well, for me broken internal links and a claim that some framework magically avoids 404 errors are worlds apart.


http://www.yesodweb.com/book/shakespearean-templates#shakesp...

If you're used to only programming in dynamic languages, it can be a shock, but yes, a good type system can do things you never thought possible.

If you were the downvoter, I'll take my vote back now.


I don't know who the downvoter is but I think it's a silly claim to be proud of. Anything more complex than a simple template system can enforce referential integrity of internal links by making the programmer refer to other pages on the site with some kind of handle. It's not rocket science and doing it with the (elaborate) type system isn't necessarily a selling point, in my opinion.



