W3C home > Mailing lists > Public > public-script-coord@w3.org > January to March 2013

Re: E4H and constructing DOMs

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Mon, 11 Mar 2013 11:19:23 -0400
Message-ID: <513DF5FB.7050906@mit.edu>
To: public-script-coord@w3.org
Since no one responded to this....

On 3/7/13 11:36 PM, Mike Samuel wrote:
> I talk about different kinds of developers (library authors,
> application authors) writing code and you say things that suggest to
> me that you think the bulk of web developers are going to be writing
> large amounts of security-critical code.

The bulk of web developers nowadays need to show some sort of 
externally-provided untrusted strings on a web page, and this is sadly a 
security-critical operation.  Right now a lot of this happens 
server-side, but people want to move this client-side to avoid server 
round-trips.

In fact, I'm having a bit of a hard time thinking of sites that _don't_ 
have to do this at the moment.

Not sure whether that answers your question,
Boris
Received on Monday, 11 March 2013 15:19:53 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 8 May 2013 19:30:09 UTC