There is a beautiful (and secure!) client-side application development platform hidden inside the tangled web of specifications and implementations on the internet today. Limiting ourselves to just those bits and pieces that do The Right Thing™ with regard to security gives us a fighting chance of writing code that doesn't give attackers open access to users' sensitive data. We'll walk through those together in this talk.