> *This isn't an issue with HTML, it's an issue with human error.* All security ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

TeMPOraL on Sept 23, 2017 | parent | context | favorite | on: It’s time to kill the web app

> This isn't an issue with HTML, it's an issue with human error.

All security issues are due to human error. Those are solved by building better tools.

> If this was the case, it would be near-impossible to write HTML by hand.

If, besides the text form, there would be a well-defined length-prefixed binary representation, we could simply compile HTML to binary-HTML, which would immediately made the web not only safer, but also much more efficient (it's scary if you think just how much parsing and reparsing goes on when displaying a web page).

lou1306 on Sept 23, 2017 [–]

One could build something similar by using a set of "conventional" canonical S-expressions: https://en.wikipedia.org/wiki/Canonical_S-expressions

krapp on Sept 23, 2017 | [–]

Prefixes for character length? Is that a better choice than byte size or would it even matter?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact