← All posts
Sanitizer Probe (should render safely)
A deliberately hostile post body used to confirm the render-time sanitizer holds.
A normal callout must render:
This callout should render as a styled amber box.
A raw script must be stripped:
A raw image event handler must be stripped:
A javascript: link must be neutralised: click me.
A script nested INSIDE a safe component must be stripped while the component still renders:
Visible danger text.
More to read
