this post was submitted on 12 Jun 2023
6 points (100.0% liked)

Lemmy

12579 readers
3 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
 

If a post body contains an unclosed HTML tag, it will be automatically closed it at the end of window.isoData and then all Javascript functionality disappears.

top 2 comments
sorted by: hot top controversial new old
[โ€“] kakes@sh.itjust.works 1 points 1 year ago (1 children)

That's a bit concerning, isn't it? I would think the fact that HTML in the post body is being parsed at all hints at the possibility of an injection attack.

[โ€“] Threen@aussie.zone 1 points 1 year ago* (last edited 1 year ago)

Yeah, very concerning!

I think it is related to this change, so maybe the sanitize is causing the issue here.