Open noncombatant opened 8 months ago
Hi Chris,
Sorry for the late reply. Would love to chat about your comments here and see how we can support coverage where possible.
If your down for a quick alignment, feel free to grab a US friendly time slot here I'll bring some snacks from the MK.
Some or much of this can go under 2.5 Security libraries.
eval
-type bugs (XSS, SQL injection, shell injection, et c.). For example, Go's html/template is good, Trusted Types is good; while some other web frameworks treat DOM-XSS as the fundamental feature. Basically, we need to explain Why.