Hacker News
by bawolff 1906 days ago
More specifically, I'm saying the web is designed around making network requests. If your threat model is not to make network requests, you shouldn't try and sanitize html via blacklists because you'll be in for a bad time (responding to the grandparent's list of html leaks, not the article. I agree that it's unreasonable that the txt file does anything. The mistake is in the Apple devs trying to sanitize html, which is doomed to failure).