After submitting an HTML sample in this post, #Lemmy gutted the content silently and destructively without telling me. The original text is totally lost and not recoverable. I only noticed because more than half the code was discarded.

This is terrible. It’s perhaps understandable that raw HTML might have security issues if it appears as-is, so of course the angle brackets should be automatically encoded as literals by the submission processing modules. The status quo is obviously a #LemmyBug because authors are not even warned about the destruction and given a chance to preserve their work. It just gets trashed.

    • @[email protected]OP
      link
      fedilink
      21 year ago

      Indeed. And it’s a needlessly destructive form of sanitization. That is, sanitizing properly normally means replacing the special characters with an encoding to ensure literals render.

      • Big P
        link
        fedilink
        English
        41 year ago

        Ever since they had the xss problem they’ve basically nuked any html elements in any scenario