Clarification 1.1.2: How requirement apply to Single Page Applications (SPA) architectures

[ajayojha]

Rule: 1.1.2 - Verify that the application performs output encoding and escaping either as a final step before being used by the interpreter for which it is intended or by the interpreter itself.

SPAs have complex data flows ( from state management to components to APIs), and ensuring that encoding happens as the “final step” can be challenging.