this post was submitted on 12 Aug 2023
79 points (97.6% liked)

Explain Like I'm Five


I feel like whenever I see the ampersand on this website, it’s followed with “amp;”. I’ve noticed it other places on the internet also. Why does this happen? Is it some programming thing?

Just for a test: &

[–] mp3@lemmy.ca 21 points 1 year ago* (last edited 1 year ago)

It's because some part of the post is being sanitized to reduce the possibility of a security flaw by someone managing to type in something that could be executed by the server or your web browser in an unexpected way.

https://github.com/LemmyNet/lemmy/blob/main/RELEASES.md#major-changes-1

In terms of security, Lemmy now performs HTML sanitization on all messages which are submitted through the API or received via federation. Together with the tightened content-security-policy from 0.18.2, cross-site scripting attacks are now much more difficult.

The & symbol is however incorrectly parsed by the sanitizer, which will eventually be patched by the devs.
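
An added example, not part of the comment above and not Lemmy's code: it shows why escaping keeps typed markup from running, and how a visible `&amp;` appears when the same text is escaped twice. Double escaping is assumed here as one common cause of this symptom, and all function names are hypothetical.

```javascript
// Added illustration; not Lemmy's code. Function names are hypothetical.

const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const UNESCAPES = Object.fromEntries(
  Object.entries(ESCAPES).map(([ch, entity]) => [entity, ch])
);

// Turn HTML metacharacters into entities so the browser treats them as text.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Simulate what a browser displays for a text node: each entity is decoded
// exactly once (String.replace does not rescan its own output).
function browserDisplays(html) {
  return html.replace(/&(?:amp|lt|gt|quot|#39);/g, (entity) => UNESCAPES[entity]);
}

// Correct pipeline: keep the raw text, escape once when building the page.
function renderEscapedOnce(userText) {
  return escapeHtml(userText);
}

// Buggy pipeline: escaped when submitted, then escaped again when rendered.
function renderEscapedTwice(userText) {
  const stored = escapeHtml(userText); // sanitized on the way in
  return escapeHtml(stored);           // escaped a second time on the way out
}

// Constructed sample inputs: a plain ampersand and a script tag.
const samples = ['Tom & Jerry', '<script>alert(1)</script>'];

for (const typed of samples) {
  console.log('typed:       ', typed);
  console.log('once, shown: ', browserDisplays(renderEscapedOnce(typed)));
  console.log('twice, shown:', browserDisplays(renderEscapedTwice(typed)));
}
```

In both pipelines the script tag reaches the page as inert text; only the double-escaped one also mangles what the reader sees.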