This is a nice writeup. This is one area where my web+Perl background still helps me today: “taint mode” taught me to be extremely vigilant about validating my inputs. I really think Javascript needs a taint mode too.
Originally shared by Abraham Williams