html img tag with data-URI, but no data

minimaxir / big-list-of-naughty-strings

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

MIT License

46.21k stars 2.13k forks source link

html img tag with data-URI, but no data #208

Open quite opened 4 years ago

quite commented 4 years ago

<img src="data:image/PNG;base64,"/>

And perhaps a whole swathe of other data-URI things? ... exposing parsing logic here :)

kugg commented 4 years ago

Haha

On Thursday, May 7, 2020, Daniel Lublin notifications@github.com wrote:

And perhaps a whole swathe of other data-URI things? :)

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/minimaxir/big-list-of-naughty-strings/issues/208, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAANFTZAS4KVMVHA7SMBPFTRQKGNTANCNFSM4M3GYOYQ .

quite commented 4 years ago

@kugg haha only serious? ;) :wave: