I've seen projects like this in the past - either you have skilled people and use a strict CSP from the start, or the footguns of dynamiically crafting objects ultimately leads to a bunch of XSS that (probably) wouldn't have happened with mature frameworks
slim|4 years ago