|
|
|
|
|
|
by koto1sa
2524 days ago
|
|
|
Exactly. That said, because the API itself is typed, it is possible to have the runtime enforcement also verified when statically type-checking your application code (e.g. that innerHTML is passed a TrustedHTML value, and not a string) in Flow, TypeScript or type-aware linters - like this: https://youtu.be/1KQngEZ8qH4?t=1330 |
|
|