In-reply-to » @prologic have you seeing this? No but reading a bit of that post:

Because dynamic behavior is added to the page using normal HTML tags with custom attributes, it is difficult to provide additional security against cross-site scripting (XSS) attacks.

Is complete bullshit. It’s like one line of code (if you can call HTML “code”)

⤋ Read More