**‍fuchsiaaaaaaaaaaaaaaaaa** @f0x@pixie.town · Jun 29, 2022, 16:33

**‍fuchsiaaaaaaaaaaaaaaaaa** @f0x@pixie.town · Jun 29, 2022, 16:33

‍fuchsiaaaaaaaaaaaaaaaaa @f0x@pixie.town

Jun 29, 2022, 16:33

‍fuchsiaaaaaaaaaaaaaaaaa @f0x@pixie.town

uhhh cohost.org allows arbitrary html/css in posts?!?!?!?

**fruitbat** @pastelpunkbandit@kittycat.homes · Jun 29, 2022, 16:34

**fruitbat** @pastelpunkbandit@kittycat.homes · Jun 29, 2022, 16:34

Jun 29, 2022, 16:34

fruitbat @pastelpunkbandit@kittycat.homes

@f0x oh this website keeps getting better this is gonna be real good for accessibility

**‍fuchsiaaaaaaaaaaaaaaaaa** @f0x@pixie.town · 2022-06-29T16:35:45Z

‍fuchsiaaaaaaaaaaaaaaaaa @f0x@pixie.town

@pastelpunkbandit it's also a *massive* security vulnerability. Your post can easily overlap the entire page, overlapping/replacing UI elements etc. Like smh at least iframe your user content

Jun 29, 2022, 16:35 · · · ·

**fruitbat** @pastelpunkbandit@kittycat.homes · Jun 29, 2022, 16:38

**fruitbat** @pastelpunkbandit@kittycat.homes · Jun 29, 2022, 16:38

Jun 29, 2022, 16:38

fruitbat @pastelpunkbandit@kittycat.homes

@f0x oh,,, i was assuming it was gonna work with an iframe + clear indicator around that
guess not?!?!? that sounds rlly bad omg
do they at least stop you from putting js in there?

**‍fuchsiaaaaaaaaaaaaaaaaa** @f0x@pixie.town · Jun 29, 2022, 16:41

**‍fuchsiaaaaaaaaaaaaaaaaa** @f0x@pixie.town · Jun 29, 2022, 16:41

Jun 29, 2022, 16:41

‍fuchsiaaaaaaaaaaaaaaaaa @f0x@pixie.town

@pastelpunkbandit it's hard to tell what is/isn't possible without having an account, but it's not looking good..

Resources

Developers

What is Mastodon?

pixie.town

More…