
Entry Point Regulation - aburan28
http://www.w3.org/TR/epr/
======
0x0
I bet that developers writing XSSable IoT firmware web interfaces aren't
exactly the type that would read a spec like this and implement it...

~~~
Eridrus
They're not going to see this spec, but if this gets implemented and awareness
seeps out, at some point this should become standard practice as a way to
mitigate unknown vulnerabilities without investing heavily in security.

Companies love bandaids they can add on top without changing their code.

------
bmm6o
I understand the broad strokes here, but an extended example would clarify how
exactly this prevents XSS.

