You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Header IDs can be abused to hijack IDs already in use by the site:
h1#artist-commentary. Look at me! - style a comment obnoxiously.
h1#add-to-favorites. nope - break the 'F to favorite' hotkey (may need to put this in a flag message to ensure it's high enough in the HTML to hijack the $("#add-to-favorites") javascript).
I suggest that header IDs must follow a safe format that won't interfere with site IDs. Maybe something like h1#dtext-blah-blah. or h1#header-blah-blah.
The text was updated successfully, but these errors were encountered:
https://danbooru.donmai.us/forum_posts/119633 suggest changing dtext- prefix to something more descriptive. Either way, old dtext.rb and corresponding test for it should be fixed to reflect this, too.
Header IDs can be abused to hijack IDs already in use by the site:
h1#artist-commentary. Look at me!
- style a comment obnoxiously.h1#add-to-favorites. nope
- break the 'F to favorite' hotkey (may need to put this in a flag message to ensure it's high enough in the HTML to hijack the$("#add-to-favorites")
javascript).I suggest that header IDs must follow a safe format that won't interfere with site IDs. Maybe something like
h1#dtext-blah-blah.
orh1#header-blah-blah
.The text was updated successfully, but these errors were encountered: