Yes, although a slightly more relevant way of putting it would be that it's an inbuilt DOMPurify (dompurify being an npm package commonly used to sanitize html before injecting it).
Is this basically doing the same thing as https now? But for http, and firefox just never implemented a simple fix for it's entire existence until now?
I obviously know nothing about this, but I still find it fascinating. Or am I off my block.
XSS isn't related to https/ssl, ssl is the secure conncetion between you and the server, but xss is the injection of data into the site which will be executed in your browser in this case. The connection isnt relevant.
I obviously know nothing about this, but I still find it fascinating. Or am I off my block.