| ▲ | theanonymousone 3 hours ago | |
I hope .md domains do not become a security hole as Markdown raises in popularity... | ||
| ▲ | brian93512 10 minutes ago | parent | next [-] | |
That's a valid concern, especially given the confusion we saw with .zip or .mov TLDs. But from a security engineering perspective, the bigger 'Markdown hole' I worry about is injection. When we render untrusted AI output into HTML for email, the sanitization pipeline becomes critical. I'd be curious to see how this library handles potential XSS vectors during the MD-to-HTML conversion. | ||
| ▲ | Imustaskforhelp an hour ago | parent | prev [-] | |
This reminds me of the infamous dot zip domain and the security chaos that had followed. | ||