On Mon, Jun 20, 2011 at 4:40 AM, James Graham <jgra...@opera.com> wrote: > FWIW I disagree. The same argument could be used against client-side form > validation since some authors might stop doing proper server-side > validation.
I agree, HTML5 forms provide a minor net security loss. However, the loss is fairly small and is easily outweighed by the non-security advantages. Here we have a proposal that only has security benefits, so if it's a net security loss by even a small margin, or even if it's only a small security gain, it's not worth it.