Unsafe HTML should be a breaking flaw #3177
Assignees
Comments
peterbe
added a commit
to peterbe/yari
that referenced
this issue
Mar 10, 2021
escattone
added a commit
that referenced
this issue
Mar 11, 2021
* Unsafe HTML should be a breaking flaw Part of #3177 * tests * undo unnecessary if statement * restore newline * Update testing/content/files/en-us/web/unsafe_html/index.html * Update testing/content/files/en-us/web/unsafe_html/index.html Co-authored-by: Ryan Johnson <escattone@gmail.com>
peterbe
added a commit
to peterbe/yari
that referenced
this issue
Jun 1, 2021
* Unsafe HTML should be a breaking flaw Part of mdn#3177 * tests * undo unnecessary if statement * restore newline * Update testing/content/files/en-us/web/unsafe_html/index.html * Update testing/content/files/en-us/web/unsafe_html/index.html Co-authored-by: Ryan Johnson <escattone@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The scenario is that someone tries to sneak in some unsafe HTML into a PR. It should break the PR build (on the content) and raise awareness/attention so it doesn't easily get merged.
For example
<script>or<p onmouseover="bad()">.The text was updated successfully, but these errors were encountered: