> You can think of TrustedHTML as an interface indicating that a string has been somehow specially "blessed" as safe... Sanitized.

Unfortunate naming. "Trusted" is one of those words which has taken on its own opposite as a meaning. Like "redundant" or "cope".

This feature would be Checked/Validated/Trustworthy/Safe. Values would end up in this state if you did not trust them and needed to check them.

I'm not quite sure I follow the threat model here?

> But wait... can't someone come along then and just create a more lenient policy called default? No! That will throw an exception!

Who is "someone" in this situation? And why are they able to execute arbitrary JavaScript code in the user's browser, yet the user is somehow protected by a string sanitization policy?