We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Example: https://indiewebify.me/validate-h-entry/?url=https%3A%2F%2Fpotential-xss--kizu-blog.netlify.app%2Fweekly-bookmarks-002%2F — results in an XSS, as the source had an escaped HTML inside <code> elements, but then the value gets the unescaped content (which seems to be expected).
<code>
value
I noticed this when testing the parsing of microformats for my blog as a part of IndieWebCamp — https://indiewebify.me/validate-h-entry/?url=https%3A%2F%2Fblog.kizu.dev%2Fweekly-bookmarks-002%2F — and noticing the broken output:
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Example: https://indiewebify.me/validate-h-entry/?url=https%3A%2F%2Fpotential-xss--kizu-blog.netlify.app%2Fweekly-bookmarks-002%2F — results in an XSS, as the source had an escaped HTML inside
<code>elements, but then thevaluegets the unescaped content (which seems to be expected).I noticed this when testing the parsing of microformats for my blog as a part of IndieWebCamp — https://indiewebify.me/validate-h-entry/?url=https%3A%2F%2Fblog.kizu.dev%2Fweekly-bookmarks-002%2F — and noticing the broken output:
The text was updated successfully, but these errors were encountered: