@bluca @pid_eins @phako Most people can't think adversarially...

@bluca @pid_eins @phako Most people can't think adversarially when writing code, which means using js to configure access to a high privileges is very risky. And can't be easily checked for correctness.

If you do anything more complex than just assigning variables you risk opening huge holes by not paying attention at how things are evaluated.

Like 29 April at 12:32 | Wall-to-wall | Open on fosstodon.org