Body of post adding a closing tag and breaking window.isoData · Issue #1192 · LemmyNet/lemmy-ui
github.com
Issue Summary If you post body contains something that looks like an unclosed HTML tag, it will be closed automatically and the window.isoData will break. When this happens, you cannot use the prof...

If a post body contains an unclosed HTML tag, it will be automatically closed it at the end of window.isoData and then all Javascript functionality disappears.

  • kakes@sh.itjust.worksEnglish
    2·
    1 year ago

    That’s a bit concerning, isn’t it? I would think the fact that HTML in the post body is being parsed at all hints at the possibility of an injection attack.

    • ThreenOPEnglish
      1·
      1 year ago

      Yeah, very concerning!

      I think it is related to this change, so maybe the sanitize is causing the issue here.