@jeffalo /chat may have a few xss vulnerabilities, but just HTML, no scripting (good job you are good at this)
it’s intended :) it works the same as posts & comments, and is properly sanitized by dompurify
ahh ok (makes sense)
time to look at DOMpurify
just wondering, does it allow style or no?