this post was submitted on 18 Oct 2023
6 points (100.0% liked)

techsupport

2773 readers
39 users here now

The Lemmy community will help you with your tech problems and questions about anything here. Do not be shy, we will try to help you.

If something works or if you find a solution to your problem let us know it will be greatly apreciated.

Rules: instance rules + stay on topic

Partnered communities:

You Should Know

Reddit

Software gore

Recommendations

founded 2 years ago
MODERATORS
[email protected]
6
HTML posting? (lemmy.world)
submitted 2 years ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

Any way to create posts using original (not scraped) HTML? Easier to put together and looks better. If not, I'd sure like to see that happen.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 2 years ago (4 children)

I believe you can only use markdown. Allowing user input in HTML is incredibly dangerous unless you're very, very careful about sanitizing it. I had to deal with this at a previous job and it's a nightmare for security.

[–] [email protected] 1 points 2 years ago (1 children)

I’m a newbie, but aren‘t there quite a few HTML Tags you can use in Markdown? Why aren‘t they considered dangerous? Or is it just a few tags that would be dangerous, that aren‘t supported in markdown?

[–] [email protected] 2 points 2 years ago

Markdown is interpreted and translated into HTML. There are tons of vulnerable tags. Even a simple img tag can be used for cross site scripting.

load more comments (2 replies)