[HN Gopher] The Blessing of the Strings
       ___________________________________________________________________
        
       The Blessing of the Strings
        
       Author : lumpa
       Score  : 12 points
       Date   : 2024-04-06 14:38 UTC (1 days ago)
        
 (HTM) web link (bkardell.com)
 (TXT) w3m dump (bkardell.com)
        
       | mrkeen wrote:
       | > You can think of TrustedHTML as an interface indicating that a
       | string has been somehow specially "blessed" as safe... Sanitized.
       | 
       | Unfortunate naming. "Trusted" is one of those words which has
       | taken on its own opposite as a meaning. Like "redundant" or
       | "cope".
       | 
       | This feature would be Checked/Validated/Trustworthy/Safe. Values
       | would end up in this state if you did not trust them and needed
       | to check them.
        
         | semi-extrinsic wrote:
         | I recall many moons ago, I used OpenSuse in my local language,
         | and "Untrusted" had been translated as though it meant
         | "Untrustworthy". Hilarity ensued.
        
         | sublinear wrote:
         | I agree "sanitized" is the only accurate term for this.
         | 
         | I think the reason they bother using any other word is the
         | assumption that some web developers aren't familiar with the
         | term, or maybe to score points with pointy haired bosses that
         | absolutely should not be working in the industry in 2024.
        
         | Thorrez wrote:
         | Well, the string can be trusted to not have a working XSS
         | attack, because it's been sanitized.
        
       | oasisaimlessly wrote:
       | TL;DR: Perl's taint mode is coming to JavaScript.
        
       ___________________________________________________________________
       (page generated 2024-04-07 23:01 UTC)