revisit "Countermeasures" section

[TallTed]

https://github.com/solid/security-considerations/blob/d2dc6d6725fc74904201bf5e9bd8d0c644334b56/index.bs#L112-L115

The first bullet under countermeasures is more of a vulnerability than a countermeasure, and should be moved.... or rephrased to focus on how "same-origin security boundaries" can work as a countermeasure.

(The current point of the first bullet should be moved to the vulnerabilities section, or start a new section focusing on this vulnerability, if the document restructuring discussed previously is implemented.)

Having only one or two countermeasures seems insufficient for an entire section, meant to address all vulnerabilities. But having few countermeasures is fine if they are addressing a single vulnerability, as in the previously suggested restructuring.

[josephguillaume]

Just adding link to existing discussion: Prevent or sanitise HTML on write by default for unauthenticated users https://github.com/CommunitySolidServer/CommunitySolidServer/issues/1596

Limiting writing of executable code should be included as a partial countermeasure, at least:

• Prevent or sanitise HTML on write by default for unauthenticated users
• Use data validation constraints - if a container should only contain RDF, don't allow writing executable code in any form, including HTML, js, markdown with unsanitised HTML..., SVG ...