JavaScript Cryptography Considered Harmful (nccgroup.trust)
2 points by _g2lm 3685 days ago
1 comments

I see your claims against all of that, some more obvious than others, some are a bit outdated. I'm not going to discuss the up and downsides. All I am saying is I don't see any proof. No links, no references, no proof-of-concept JS manipulation. Nothing. Only accusations and assumptions.

When one makes quite huge accusations, as these are obviously, going strong against best practices laid out by researchers, both from Google and Amazon (and probably a lot more), it would be better to not only hate-talk, but also - quite simply - prove it. Show, for example, how you can intercept JS sent from the server via https. Or show how somebody did that. Or how you are going to XSS in any major JS Framework out there. Or at least link some examples when you make assumptions that all JS crypto won't work because of things like

> "cross-site scripting". Virtually every popular web
> application ever deployed has fallen victim to this problem

XSS Sanitation was for a long time a problem and, of course, it still is, when used the wrong way. There were plenty of hacks and attacks using cross site scripting, no doubt.

or

> WHAT SYSTEMS PROGRAMMING FUNCTIONALITY DOES JAVASCRIPT LACK?
> Here's a starting point: a secure random number generator.

https://www.w3.org/TR/WebCryptoAPI/#dfnReturnLink-0

... and so on ...