User blog comment:KockaAdmiralac/Security issues/@comment-28083312-20180829022059

Very informative blog man, & I learned some network history too. I nearly panicked at the concatenating HTML example, which is used in w:c:diepio:MediaWiki:Chat.js, but on closer inspection the Chat Tags code I was given to use did indeed have HTML escaped in its user-input. It’s shown me how careless & ignorant I was that I didn’t even realize whether the code I was given was safe or not. I’m no JS expert, & I am certainly not able to catch everything I use, but it’s definitely put it in my head to be more careful.