Closed seanmturley closed 7 months ago
Some post titles contain HTML special characters which are not currently being decoded e.g.:
It looks like the best approach is to use the DOMParser API (as described on StackOverflow). Importantly, this approach avoids creating a vulnerability to Cross-Site Scripting.
This should now be fixed, though I should keep an eye out for similar issues in other fields beyond the title.
Description
Some post titles contain HTML special characters which are not currently being decoded e.g.:
Approach
It looks like the best approach is to use the DOMParser API (as described on StackOverflow). Importantly, this approach avoids creating a vulnerability to Cross-Site Scripting.