
Hard to believe the list is from 2009...



It's definitely from the 'Web 2.0' era:

"...because many paradigms carry data and commands bundled together in the same stream, with only a few special characters enforcing the boundaries. An example is Web 2.0 and other frameworks that work by blurring these lines."

Because Web 1.0 did not carry data and commands bundled together in the same stream?


Yeah, and I'm not sure what the alternative is. Why is "a few special characters" more of a problem than anything else? Is active FTP, maybe the best example of commands and data on completely different channels, all that secure, especially considering the ability to trick the server into connecting someplace else?



