After submitting an HTML sample in this post, #Lemmy gutted the content silently and destructively without telling me. The original text is totally lost and not recoverable. I only noticed because more than half the code was discarded.
This is terrible. It’s perhaps understandable that raw HTML might have security issues if it appears as-is, so of course the angle brackets should be automatically encoded as literals by the submission processing modules. The status quo is obviously a #LemmyBug because authors are not even warned about the destruction and given a chance to preserve their work. It just gets trashed.
deleted by creator
Indeed. And it’s a needlessly destructive form of sanitization. That is, sanitizing properly normally means replacing the special characters with an encoding to ensure literals render.
Ever since they had the xss problem they’ve basically nuked any html elements in any scenario
It’s like watching php devs in the early 2000s.
