I'm not quite sure I follow the threat model here?
> But wait... can't someone come along then and just create a more lenient policy called default? No! That will throw an exception!
Who is "someone" in this situation? And why are they able to execute arbitrary JavaScript code in the user's browser, yet the user is somehow protected by a string sanitization policy?
TL;DR: Perl's taint mode is coming to JavaScript.
> You can think of TrustedHTML as an interface indicating that a string has been somehow specially "blessed" as safe... Sanitized.
Unfortunate naming. "Trusted" is one of those words which has taken on its own opposite as a meaning. Like "redundant" or "cope".
This feature would be Checked/Validated/Trustworthy/Safe. Values would end up in this state if you did not trust them and needed to check them.