vercte @vercte

@jeffalo /chat may have a few xss vulnerabilities, but just HTML, no scripting (good job you are good at this)

May 9, 2022, 5:43 PM
4
View all

comments

Highlighted comment

it’s intended :) it works the same as posts & comments, and is properly sanitized by dompurify

ahh ok (makes sense)

time to look at DOMpurify

just wondering, does it allow style or no?