-
-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
htmlspecialchars() reply content before dislaying? #2
Comments
No, i don't use any stripping, this is purely the mf2 parser that seems to strip it when using p-summary. I will update the plugin to the latest version and will run some tests. Thanks for tip! |
Can you please change your code (form md) back to html and resend the mention? |
I am totally sorry! you are sooo right! can you please change your code to the old one, so i could run some tests? |
I take everything back! I am right though!! you use a not < http://example.com > encoded instead < http://example.com > and that is ignored by the mf2 parser because he thinks it's a html-tag and ignores it! http://pin13.net/mf2/?url=http%3A%2F%2Fwww.sandeep.io%2F92 |
I sent a comment with <http://example.com>, which is Markdown for linking tags but it disappeared on you blog. I'm guessing you are filtering html. Do you want to consider encoding it instead using htmlspecialchars() (P.S. I haven't done enough research on the security implications of this though) ?
The text was updated successfully, but these errors were encountered: