- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Mon, 11 Mar 2013 11:19:23 -0400
- To: public-script-coord@w3.org
Since no one responded to this.... On 3/7/13 11:36 PM, Mike Samuel wrote: > I talk about different kinds of developers (library authors, > application authors) writing code and you say things that suggest to > me that you think the bulk of web developers are going to be writing > large amounts of security-critical code. The bulk of web developers nowadays need to show some sort of externally-provided untrusted strings on a web page, and this is sadly a security-critical operation. Right now a lot of this happens server-side, but people want to move this client-side to avoid server round-trips. In fact, I'm having a bit of a hard time thinking of sites that _don't_ have to do this at the moment. Not sure whether that answers your question, Boris
Received on Monday, 11 March 2013 15:19:53 UTC