Baldur Bjarnason

... works as a web developer in Hveragerði, Iceland, and writes about the web, digital publishing, and web/product development

These are his notes

I wonder how many devs who have an atavistic rejection of using eval realise that innerHTML is even more dangerous and also evaluates code. How many of them religiously avoid eval, even when it would be the best solution but then ‘innerHTML’ everything?