You are viewing a single thread.
View all comments
2 points

That was a bug in a lemmy 0.18.X, where it introduced sanitation against XSS. After XSS attack had happened. Which was introduced with the custom smiley feature, which allowed arbitary js to be executed on every client.

Which then was removed in 0.19. When I had discussion with the Lemmy devs that this responsibility lays on the clients to properly santize this. (Display text as text, fault layed in Lemmy UI)

permalink
report
reply

Jerboa

!jerboa@lemmy.ml

Create post

Jerboa is a native-android client for Lemmy, built using the native android framework, Jetpack Compose.

Warning: You can submit issues, but between Lemmy and lemmy-ui, I probably won’t have too much time to work on them. Learn jetpack compose like I did if you want to help make this app better.

Built With

Features

Installation / Releases

Support / Donate

Jerboa is made by Lemmy’s developers, and is free, open-source software, meaning no advertising, monetizing, or venture capital, ever. Your donations directly support full-time development of the project.

Crypto

  • bitcoin: 1Hefs7miXS5ff5Ck5xvmjKjXf5242KzRtK
  • ethereum: 0x400c96c96acbC6E7B3B43B1dc1BB446540a88A01
  • monero: 41taVyY6e1xApqKyMVDRVxJ76sPkfZhALLTjRvVKpaAh2pBd4wv9RgYj1tSPrx8wc6iE1uWUfjtQdTmTy2FGMeChGVKPQuV
  • cardano: addr1q858t89l2ym6xmrugjs0af9cslfwvnvsh2xxp6x4dcez7pf5tushkp4wl7zxfhm2djp6gq60dk4cmc7seaza5p3slx0sakjutm

Contact

Community stats

  • 152

    Monthly active users

  • 498

    Posts

  • 2.8K

    Comments

Community moderators