The short answer is: Yes. Absolutely. You might think that in 2018 every JavaScript developer actively thought about this question. Cyber security is in the news every single day, and for years groups like OWASP have been preaching for XSS attacks to be taken more seriously. Sadly I have to acknowledge my own shortcomings in…